Adding upstream version 1:4.13+dfsg1.upstream/1%4.13+dfsg1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 127 insertions, 0 deletions

diff --git a/TODO b/TODO
new file mode 100644
index 0000000..8783ccd
--- /dev/null
+++ b/TODO
@@ -0,0 +1,127 @@
+ * Create a common usage function that'd take the array of
+   long options and an array of descriptions and output that so things would
+   be standardized across the utils.
+   Usage strings should be normalized and split first.
+   Investigate optparse.
+
+
+/etc/default/useradd
+ * GROUP=1000 should accept a group name.
+
+Check when RLOGIN is enabled if ruserok() exists
+
+Move selinux_file_context out of libmisc/copydir.c
+
+Review hardcoded root account?
+
+review all call to strto
+
+libmisc/cleanup_user.c
+	cleanup needed (cleanup_report_add_user* not used)
+
+
+libxcrypt support
+ * http://wiki.linuxfromscratch.org/patches/browser/trunk/shadow/shadow-4.0.18.1-owl_blowfish-1.patch
+
+implement getlong, getulong.
+	avoid atoi, atol, atoul, strtol, strtoul, ...
+
+manpages: comment the RLOGIN parts
+
+Replace build_list (in lib/gshadow.c) and list (in lib/sgetgrent.c) by
+comma_to_list()
+
+Revert the modified files if all files could not be changed.
+  * or warn and indicate which files were modified and which were not.
+  * check the order the files are modified.
+
+report nscd_flush_cache failures?
+call nscd from the programs or from lib (commonio?)
+
+PAM: check if a non-interactive conversation function could be used to set
+the password in chpasswd and newusers
+
+WITH_SELINUX
+  - review all tools to check that the strategies are consistent
+
+chage, chfn, chsh: same change needed as in passwd.
+  - probably need moving check_selinux_access to a separate file.
+
+testsuite
+ - newgrp
+   - test with unknown user's GID
+
+newusers
+ - add logging to SYSLOG & AUDIT
+ - use CREATE_HOME
+ - Add a -Z option (see useradd / usermod)
+
+Document when/where option appeared, document whether an option is standard
+or not.
+
+Check all the expiry semantics
+
+ALL:
+- move base passwd/shadow/group/gshadow operation to module for allow write
+  different backend modules for db, NIS, LDAP and others. Default backend it
+  will be goot if will be chosen depending on /etc/nsswitch.conf and allow
+  override this by -r <repository> options (where the <repository> can be
+  file, db, nis nisplus, ldap .. like on /etc/nsswitch.conf in service column).
+  passwd have old piece of code with handling -r option and it will be good
+  finish this and propagate on other shadow tools for allow operate on other
+  user databases by well known tools.
+- Protect against signals. Register do_cleanups in a signal handler.
+
+- login.defs
+  - generate depending on configuration
+
+- useradd:
+  - add handle create user mail spool in maildir format.
+  - Add support for -k in -D mode
+  - Add support for -K in -D mode
+  - Add option to create or not the mail spool (and set the default in -D
+    mode)
+  - Change -l to reset the entry if an entry was already there
+  - set the mask in mkdir?
+
+- userdel:
+  - add backup option for the removal of user resources,
+  - user_busy: check that the user is not running any processes.
+  - missing "deleting group" FAILED
+  - home dir removed, but userdel may fail and may leave the user
+    => warning needed
+
+- usermod
+  - add an option equivalent to useradd's -l (only when uid is changed)
+  - the mode of new home directories should be set according to the
+    original mode. Does copy_tree does this?
+  - user renamed, order is not kept in /etc/group (see
+    47_usermod-l_no_shadow_file). This is a problem when the first user is
+    considered as the admin.
+  - see mail "user ID change" on  April, 15
+    + fix call to chown (combination of -m and -u/-g)
+    + add tests
+
+- passwd:
+  - check combination of options (e.g. -u/-l)
+  - when -u refuse to unlock because it would create an empty password, it
+    should not display "Password changed."
+    exit instead?
+
+- newgrp: check the USE_PAM section.
+
+- pwck
+  - Add check to move passwd passwords to shadow if there is a shadow
+    entry (with a password).
+  - Add check to move passwd passwords to shadow if there is a shadow
+    file.
+  - Support an alternative /etc/tcb directory as second parameter.
+  - add options -g / -G to specify alternative group / gshadow files
+
+- su
+  - add a login.defs configuration parameter to add variables to keep in
+    the environment with "su -l" (TERM/TERMCOLOR/...)
+
+- vipw
+  - set ACLs and XATTRs on the temporary file (and backups?)
+  - vipw + selinux -> use lib/selinux.c