1 files changed, 43 insertions, 2 deletions

diff --git a/man/chsh.1.xml b/man/chsh.1.xml
index 373aa92..db2d0ce 100644
--- a/man/chsh.1.xml
+++ b/man/chsh.1.xml
@@ -115,7 +115,7 @@
 
   <refsect1 id='note'>
     <title>NOTE</title>
-    <para>
+    <para condition="without_vendordir">
       The only restriction placed on the login shell is that the command
       name must be listed in <filename>/etc/shells</filename>, unless the
       invoker is the superuser, and then any value may be added. An
@@ -125,6 +125,25 @@
       changing to a restricted shell would prevent the user from ever
       changing her login shell back to its original value.
     </para>
+    <para condition="with_vendordir">
+      The only restriction placed on the login shell is that the command
+      name must be listed in <filename>/etc/shells</filename>.
+      If this file does not exist, the definitions are taken from the files
+      <filename>%vendordir%/shells</filename>,
+      <filename>%vendordir%/shells.d/*</filename> and
+      <filename>/etc/shells.d/*</filename> in that order.
+      If <filename>/etc/shells.d/@filename@</filename> exists, then
+      <filename>%vendordir%/shells.d/@filename@</filename> will not be used.
+      If the invoker is the superuser any value may be added regardless what is
+      defined in the configuration files.
+      An account with a restricted login shell may not change her login shell.
+    </para>
+    <para>
+      For this reason, placing <filename>/bin/rsh</filename> in
+      <filename>/etc/shells</filename> is discouraged since accidentally
+      changing to a restricted shell would prevent the user from ever
+      changing her login shell back to its original value.
+    </para>
   </refsect1>
 
   <refsect1 id='configuration' condition="no_pam">
@@ -151,9 +170,31 @@
       </varlistentry>
       <varlistentry>
 	<term><filename>/etc/shells</filename></term>
-	<listitem>
+	<listitem condition="without_vendordir">
 	  <para>List of valid login shells.</para>
 	</listitem>
+	<listitem condition="with_vendordir">
+	  <para>User defined list of valid login shells.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="with_vendordir">
+       <term><filename>%vendordir%/shells</filename></term>
+        <listitem>
+          <para>Default configuration file if
+	  <filename>/etc/shells</filename> does not exist.</para>
+        </listitem>
+      </varlistentry>
+      <varlistentry condition="with_vendordir">
+        <term><filename>%vendordir%/shells.d</filename></term>
+        <listitem>
+          <para>Directory for additional vendor specific configuration files.</para>
+        </listitem>
+      </varlistentry>
+      <varlistentry condition="with_vendordir">
+        <term><filename>/etc/shells.d</filename></term>
+        <listitem>
+          <para>Directory for additional user defined configuration files.</para>
+        </listitem>
       </varlistentry>
       <varlistentry>
 	<term><filename>/etc/login.defs</filename></term>