--- shadow-4.0.18.1.orig/debian/patches/419_time_structures.dpatch
+++ shadow-4.0.18.1/debian/patches/419_time_structures.dpatch
@@ -0,0 +1,202 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 319_time_structures.dpatch by Nicolas FRANCOIS <nicolas.francois@centraliens.net>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: I didn't find a related bug in the BTS.
+## DP: It must be related to the 1:4.0.3-22 changelog:
+## DP:   Don't assume that lastlog.ll_time or utmp.ut_time or utmpx.ut_tv are
+## DP:   made up of time_ts and timevals, because they aren't on x86-64.
+## DP:   Dismaying but true.
+## DP:   -- Karl Ramm <kcr@debian.org>  Sun, 14 Mar 2004
+## DP: 
+## DP: Some parts of this patch have been applied upstream. The other parts
+## DP: should be checked.
+
+@DPATCH@
+Index: shadow-4.0.3/libmisc/log.c
+===================================================================
+--- shadow-4.0.3.orig/libmisc/log.c	1998-04-16 21:57:44.000000000 +0200
++++ shadow-4.0.3/libmisc/log.c	2005-05-12 14:05:29.976542831 +0200
+@@ -88,7 +88,7 @@ dolastlog(struct lastlog *ll, const stru
+ 	if (ll)
+ 		*ll = newlog;
+ 
+-	time(&newlog.ll_time);
++	newlog.ll_time = time(0);
+ 	strncpy(newlog.ll_line, line, sizeof newlog.ll_line);
+ #if HAVE_LL_HOST
+ 	strncpy(newlog.ll_host, host, sizeof newlog.ll_host);
+Index: shadow-4.0.3/libmisc/utmp.c
+===================================================================
+--- shadow-4.0.3.orig/libmisc/utmp.c	2002-03-08 05:30:30.000000000 +0100
++++ shadow-4.0.3/libmisc/utmp.c	2005-05-12 14:05:29.994540142 +0200
+@@ -111,7 +111,7 @@ checkutmp(int picky)
+ 		/* XXX - assumes /dev/tty?? */
+ 		strncpy(utent.ut_id, utent.ut_line + 3, sizeof utent.ut_id);
+ 		strcpy(utent.ut_user, "LOGIN");
+-		time(&utent.ut_time);
++		utent.ut_time = time(0);
+ 	}
+ }
+ 
+@@ -195,7 +195,7 @@ checkutmp(int picky)
+ 		strcpy(utent.ut_user, "LOGIN");
+ 		utent.ut_pid = getpid();
+ 		utent.ut_type = LOGIN_PROCESS;
+-		time(&utent.ut_time);
++		utent.ut_time = time(0);
+ #if HAVE_UTMPX_H
+ 		strncpy(utxent.ut_line, line, sizeof utxent.ut_line);
+ 		if ((utx = getutxline(&utxent)))
+@@ -204,7 +204,15 @@ checkutmp(int picky)
+ 		strcpy(utxent.ut_user, "LOGIN");
+ 		utxent.ut_pid = utent.ut_pid;
+ 		utxent.ut_type = utent.ut_type;
+-		gettimeofday((struct timeval *) &utxent.ut_tv, NULL);
++		/* don't assume that utmpx.ut_tv is a struct timeval */
++		{
++		    struct timeval tv;
++
++		    gettimeofday(&tv, NULL);
++
++		    utxent.ut_tv.tv_sec = tv.tv_sec;
++		    utxent.ut_tv.tv_usec = tv.tv_usec;
++		}
+ 		utent.ut_time = utxent.ut_tv.tv_sec;
+ #endif
+ 	}
+@@ -230,7 +238,7 @@ checkutmp(int picky)
+ 		line += 5;
+ 
+ 	(void) strncpy (utent.ut_line, line, sizeof utent.ut_line);
+-	(void) time (&utent.ut_time);
++	utent.ut_time = time(0);
+ }
+ 
+ #endif	/* !USG */
+@@ -286,7 +294,7 @@ setutmp(const char *name, const char *li
+ {
+ 	utent.ut_type = USER_PROCESS;
+ 	strncpy(utent.ut_user, name, sizeof utent.ut_user);
+-	time(&utent.ut_time);
++	utent.ut_time = time(0);
+ 	/* other fields already filled in by checkutmp above */
+ 	setutent();
+ 	pututline(&utent);
+@@ -375,7 +383,14 @@ setutmp(const char *name, const char *li
+ 
+ 	utline.ut_type = utxline.ut_type = USER_PROCESS;
+ 
+-	gettimeofday(&utxline.ut_tv, NULL);
++	/* don't assume that utmpx.ut_tv is a struct timeval */
++	{
++	    struct timeval tv;
++
++	    gettimeofday(&tv, NULL);
++	    utxline.ut_tv.tv_sec = tv.tv_sec;
++	    utxline.ut_tv.tv_usec = tv.tv_usec;
++	}
+ 	utline.ut_time = utxline.ut_tv.tv_sec;
+ 
+ 	strncpy(utxline.ut_host, host ? host : "", sizeof utxline.ut_host);
+@@ -435,7 +450,7 @@ setutmp(const char *name, const char *li
+ 	 * Put in the current time (common to everyone)
+ 	 */
+ 
+-	(void) time (&utmp.ut_time);
++	utmp.ut_time = time(0);
+ 
+ #ifdef UT_HOST
+ 	/*
+Index: shadow-4.0.3/src/lastlog.c
+===================================================================
+--- shadow-4.0.3.orig/src/lastlog.c	2005-05-12 14:05:24.511359400 +0200
++++ shadow-4.0.3/src/lastlog.c	2005-05-12 14:05:29.994540142 +0200
+@@ -184,7 +184,13 @@ static void print_one (const struct pass
+ #endif
+ 		once++;
+ 	}
+-	tm = localtime (&lastlog.ll_time);
++	/* don't assume lastlog.ll_time is a time_t */
++	{
++	    time_t when;
++
++	    when = lastlog.ll_time;
++	    tm = localtime (&when);
++	}
+ #ifdef HAVE_STRFTIME
+ 	strftime (ptime, sizeof (ptime), "%a %b %e %H:%M:%S %z %Y", tm);
+ 	cp = ptime;
+@@ -193,7 +199,7 @@ static void print_one (const struct pass
+ 	cp[24] = '\0';
+ #endif
+ 
+-	if (lastlog.ll_time == (time_t) 0)
++	if (lastlog.ll_time == 0)
+ 		cp = _("**Never logged in**\0");
+ 
+ #ifdef HAVE_LL_HOST
+Index: shadow-4.0.3/src/login.c
+===================================================================
+--- shadow-4.0.3.orig/src/login.c	2005-05-12 14:04:27.490878998 +0200
++++ shadow-4.0.3/src/login.c	2005-05-12 14:05:29.995539993 +0200
+@@ -849,10 +849,18 @@ int main (int argc, char **argv)
+ 			  if (getdef_str("FTMP_FILE") != NULL) {
+ #if HAVE_UTMPX_H
+ 			    failent = utxent;
+-			    gettimeofday(&(failent.ut_tv), NULL);
++			    /* don't assume that utmpx.ut_tv is a struct
++			       timeval */
++			    {
++				struct timeval tv;
++
++				gettimeofday(&tv, NULL);
++				failent.ut_tv.tv_sec = tv.tv_sec;
++				failent.ut_tv.tv_usec = tv.tv_usec;
++			    }
+ #else
+ 			    failent = utent;
+-			    time(&failent.ut_time);
++			    failent.ut_time = time(0);
+ #endif
+ 			    strncpy(failent.ut_user, failent_user, sizeof(failent.ut_user));
+ #ifdef USER_PROCESS
+@@ -1093,10 +1101,17 @@ int main (int argc, char **argv)
+ 
+ #if HAVE_UTMPX_H
+ 			failent = utxent;
+-			gettimeofday (&(failent.ut_tv), NULL);
++			/* don't assume that utmpx.ut_tv is a struct timeval */
++			{
++			    struct timeval tv;
++			    
++			    gettimeofday(&tv, NULL);
++			    failent.ut_tv.tv_sec = tv.tv_sec;
++			    failent.ut_tv.tv_usec = tv.tv_usec;
++			}
+ #else
+ 			failent = utent;
+-			time (&failent.ut_time);
++			failent.ut_time = time(0);
+ #endif
+ 			if (pwd) {
+ 				failent_user = pwent.pw_name;
+@@ -1378,15 +1393,16 @@ int main (int argc, char **argv)
+ 		}
+ 		if (getdef_bool ("LASTLOG_ENAB")
+ 		    && lastlog.ll_time != 0) {
++		        time_t when = lastlog.ll_time; /* may not be a time_t */
+ #ifdef HAVE_STRFTIME
+ 			strftime (ptime, sizeof (ptime),
+ 				  "%a %b %e %H:%M:%S %z %Y",
+-				  localtime (&lastlog.ll_time));
++				  localtime (&when));
+ 			printf (_("Last login: %s on %s"),
+ 				ptime, lastlog.ll_line);
+ #else
+ 			printf (_("Last login: %.19s on %s"),
+-				ctime (&lastlog.ll_time),
++				ctime (&when),
+ 				lastlog.ll_line);
+ #endif
+ #ifdef HAVE_LL_HOST		/* SVR4 || __linux__ || SUN4 */
--- shadow-4.0.18.1.orig/debian/patches/523_su_arguments_are_no_more_concatenated_by_default
+++ shadow-4.0.18.1/debian/patches/523_su_arguments_are_no_more_concatenated_by_default
@@ -0,0 +1,52 @@
+Goal: Do not concatenate the additional arguments, and support an
+      environment variable to revert to the old Debian's su behavior.
+
+This patch needs the su_arguments_are_concatenated patch.
+
+This patch, and su_arguments_are_concatenated should be dropped after
+Etch.
+
+Status wrt upstream: This patch is Debian specific.
+
+Index: shadow-4.0.18.1/src/su.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/su.c	2006-09-17 12:18:07.008109068 +0200
++++ shadow-4.0.18.1/src/su.c	2006-09-17 12:18:07.616113902 +0200
+@@ -76,6 +76,19 @@
+ /* If nonzero, change some environment vars to indicate the user su'd to. */
+ static int change_environment;
+ 
++/*
++ * If nonzero, keep the old Debian behavior:
++ *   * concatenate all the arguments and provide them to the -c option of
++ *     the shell
++ *   * If there are some additional arguments, but no -c, add a -c
++ *     argument anyway
++ * Drawbacks:
++ *   * you can't provide options to the shell (other than -c)
++ *   * you can't rely on the argument count
++ * See http://bugs.debian.org/276419
++ */
++static int old_debian_behavior;
++
+ #ifdef USE_PAM
+ static pam_handle_t *pamh = NULL;
+ static int caught = 0;
+@@ -323,6 +336,8 @@
+ #endif
+ #endif				/* !USE_PAM */
+ 
++	old_debian_behavior = (getenv("SU_NO_SHELL_ARGS") != NULL);
++
+ 	/* sanitize_env (); */
+ 
+ 	setlocale (LC_ALL, "");
+@@ -883,7 +898,7 @@
+ 		 * resulted string is always given to the shell with its
+ 		 * -c option.
+ 		 */
+-		{
++		if (old_debian_behavior) {
+ 			char **parg;
+ 			unsigned int cmd_len = 0;
+ 			char *cmd = NULL;
--- shadow-4.0.18.1.orig/debian/patches/431_su_uid_0_not_root
+++ shadow-4.0.18.1/debian/patches/431_su_uid_0_not_root
@@ -0,0 +1,28 @@
+Goal: don't assume uid 0 == "root", use getpwuid to fetch it
+Fixes: #81924
+
+Status wrt upstream: It was submitted upstream upstream (3 Jun 2005).
+                     Some modification may be needed before its inclusion
+                     upstream (multiple uid 0 accounts).
+http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2005-June/001287.html
+
+Index: shadow-4.0.18.1/src/su.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/su.c	2006-08-01 12:30:02.000000000 +0200
++++ shadow-4.0.18.1/src/su.c	2006-09-17 12:17:47.383953038 +0200
+@@ -427,7 +427,14 @@
+ 			optind++;
+ 	}
+ 	if (!name[0])		/* use default user ID */
+-		(void) strcpy (name, "root");
++	{
++		struct passwd *root_pw = getpwuid(0);
++		if (root_pw == NULL) {
++			SYSLOG((LOG_CRIT, "There is no UID 0 user."));
++			su_failure(tty);
++		}
++		strcpy(name, root_pw->pw_name);
++	}
+ 
+ 	doshell = argc == optind;	/* any arguments remaining? */
+ 	if (command)
--- shadow-4.0.18.1.orig/debian/patches/401_cppw_src.dpatch
+++ shadow-4.0.18.1/debian/patches/401_cppw_src.dpatch
@@ -0,0 +1,242 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 401_cppw_src.dpatch by  Nicolas FRANCOIS <nicolas.francois@centraliens.net>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Add cppw / cpgr
+
+@DPATCH@
+Index: shadow-4.0.18.1/src/cppw.c
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ shadow-4.0.18.1/src/cppw.c	2006-10-21 13:45:56.000000000 +0200
+@@ -0,0 +1,198 @@
++/*
++  cppw, cpgr  copy with locking given file over the password or group file
++  with -s will copy with locking given file over shadow or gshadow file
++ 
++  Copyright (C) 1999 Stephen Frost <sfrost@snowman.net>
++
++  Based on vipw, vigr by:
++  Copyright (C) 1997 Guy Maor <maor@ece.utexas.edu>
++
++  This program is free software; you can redistribute it and/or modify
++  it under the terms of the GNU General Public License as published by
++  the Free Software Foundation; either version 2 of the License, or
++  (at your option) any later version.
++
++  This program is distributed in the hope that it will be useful, but
++  WITHOUT ANY WARRANTY; without even the implied warranty of
++  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++  General Public License for more details.
++
++  You should have received a copy of the GNU General Public License
++  along with this program; if not, write to the Free Software
++  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++
++  */
++
++#include <config.h>
++#include "defines.h"
++
++#include <errno.h>
++#include <sys/stat.h>
++#include <unistd.h>
++#include <stdio.h>
++#include <stdlib.h>
++#include <sys/types.h>
++#include <signal.h>
++#include <utime.h>
++#include "prototypes.h"
++#include "pwio.h"
++#include "shadowio.h"
++#include "groupio.h"
++#include "sgroupio.h"
++
++
++static const char *progname, *filename, *filenewname;
++static int filelocked = 0;
++static int (*unlock)();
++
++/* local function prototypes */
++static int create_backup_file (FILE *, const char *, struct stat *);
++static void cppwexit (const char *, int, int);
++static void cppwcopy (const char *, const char *, int (*) (void), int (*) (void));
++int main (int, char **);
++
++static int
++create_backup_file(FILE *fp, const char *backup, struct stat *sb)
++{
++  struct utimbuf ub;
++  FILE *bkfp;
++  int c;
++  mode_t mask;
++
++  mask = umask(077);
++  bkfp = fopen(backup, "w");
++  umask(mask);
++  if (!bkfp) return -1;
++
++  rewind(fp);
++  while ((c = getc(fp)) != EOF) {
++    if (putc(c, bkfp) == EOF) break;
++  }
++
++  if (c != EOF || fflush(bkfp)) {
++    fclose(bkfp);
++    unlink(backup);
++    return -1;
++  }
++  if (fclose(bkfp)) {
++    unlink(backup);
++    return -1;
++  }
++
++  ub.actime = sb->st_atime;
++  ub.modtime = sb->st_mtime;
++  if (utime(backup, &ub) ||
++      chmod(backup, sb->st_mode) ||
++      chown(backup, sb->st_uid, sb->st_gid)) {
++    unlink(backup);
++    return -1;
++  }
++  return 0;
++}
++
++static void
++cppwexit(const char *msg, int syserr, int ret)
++{
++  int err = errno;
++  if (filelocked) (*unlock)();
++  if (msg) fprintf(stderr, "%s: %s", progname, msg);
++  if (syserr) fprintf(stderr, ": %s", strerror(err));
++  fprintf(stderr, "\n%s: %s is unchanged\n", progname, filename);
++  exit(ret);
++}
++
++static void
++cppwcopy(const char *file, const char *in_file, int (*file_lock) (void), int (*file_unlock) (void))
++{
++  struct stat st1;
++  FILE *f;
++  char filenew[1024];
++
++  snprintf(filenew, sizeof filenew, "%s.new", file);
++  unlock = file_unlock;
++  filename = file;
++  filenewname = filenew;
++  
++  if (access(file, F_OK)) cppwexit(file, 1, 1);
++  if (!file_lock()) cppwexit("Couldn't lock file", errno, 5);
++  filelocked = 1;
++
++  /* file to copy has same owners, perm */
++  if (stat(file, &st1)) cppwexit(file, 1, 1);
++  if (!(f = fopen(in_file, "r"))) cppwexit(file, 1, 1);
++  if (create_backup_file(f, filenew, &st1))
++    cppwexit("Couldn't make backup", errno, 1);
++  
++  /* XXX - here we should check filenew for errors; if there are any,
++     fail w/ an appropriate error code and let the user manually fix
++     it. Use pwck or grpck to do the check.  - Stephen (Shamelessly
++     stolen from '--marekm's comment) */
++
++  if (rename(filenew, file) == -1) {
++    fprintf(stderr, "%s: can't copy %s: %s)\n",
++	    progname, filenew, strerror(errno));
++    cppwexit(0,0,1);
++  }
++
++  (*file_unlock)();
++}
++
++
++int
++main(int argc, char **argv)
++{
++  int flag;
++  int cpshadow = 0;
++  char *in_file;
++  char *c;
++  int e = 1;
++  int do_cppw;
++
++  progname = ((c = strrchr(*argv, '/')) ? c+1 : *argv);
++  do_cppw = (strcmp(progname, "cpgr") != 0);
++
++  while ((flag = getopt(argc, argv, "ghps")) != EOF) {
++    switch (flag) {
++    case 'p':
++      do_cppw = 1;
++      break;
++    case 'g':
++      do_cppw = 0;
++      break;
++    case 's':
++      cpshadow = 1;
++      break;
++    case 'h':
++      e = 0;
++    default:
++      printf("Usage:\n\
++`cppw <file>' copys over /etc/passwd   `cppw -s <file>' copys over /etc/shadow\n\
++`cpgr <file>' copys over /etc/group    `cpgr -s <file>' copys over /etc/gshadow\n\
++");
++      exit(e);
++    }
++  }
++
++  if (optind >= argc) {
++    cppwexit ("missing file argument, -h for usage",0,1);
++  }
++
++  in_file = argv[argc - 1];
++
++  if (do_cppw) {
++    if (cpshadow)
++      cppwcopy(SHADOW_FILE, in_file, spw_lock, spw_unlock);
++    else
++      cppwcopy(PASSWD_FILE, in_file, pw_lock, pw_unlock);
++  }
++  else {
++#ifdef SHADOWGRP
++    if (cpshadow)
++      cppwcopy(SGROUP_FILE, in_file, sgr_lock, sgr_unlock);
++    else
++#endif
++      cppwcopy(GROUP_FILE, in_file, gr_lock, gr_unlock);
++  }
++
++  return 0;
++}
+Index: shadow-4.0.18.1/src/Makefile.am
+===================================================================
+--- shadow-4.0.18.1.orig/src/Makefile.am	2006-10-21 13:45:26.000000000 +0200
++++ shadow-4.0.18.1/src/Makefile.am	2006-10-21 13:45:40.000000000 +0200
+@@ -24,6 +24,7 @@
+ sbin_PROGRAMS  = nologin
+ ubin_PROGRAMS  = faillog lastlog chage chfn chsh expiry gpasswd newgrp passwd
+ usbin_PROGRAMS = \
++	cppw \
+ 	chgpasswd \
+ 	chpasswd \
+ 	groupadd \
+@@ -58,6 +59,7 @@
+ chgpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX)
+ chsh_LDADD     = $(LDADD) $(LIBPAM) $(LIBSELINUX)
+ chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX)
++cppw_LDADD     = $(LDADD) $(LIBSELINUX)
+ gpasswd_LDADD  = $(LDADD) $(LIBAUDIT) $(LIBSELINUX)
+ groupadd_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX)
+ groupdel_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX)
+Index: shadow-4.0.18.1/po/POTFILES.in
+===================================================================
+--- shadow-4.0.18.1.orig/po/POTFILES.in	2006-10-21 13:45:26.000000000 +0200
++++ shadow-4.0.18.1/po/POTFILES.in	2006-10-21 13:45:40.000000000 +0200
+@@ -61,6 +61,7 @@
+ src/chgpasswd.c
+ src/chpasswd.c
+ src/chsh.c
++src/cppw.c
+ src/expiry.c
+ src/faillog.c
+ src/gpasswd.c
--- shadow-4.0.18.1.orig/debian/patches/463_login_delay_obeys_to_PAM
+++ shadow-4.0.18.1/debian/patches/463_login_delay_obeys_to_PAM
@@ -0,0 +1,102 @@
+Goal: Do not hardcode pam_fail_delay and let pam_unix do its
+      job to set a delay...or not
+
+Fixes: #87648
+
+Status wrt upstream: Forwarded but not applied yet
+
+Note: If removed, FAIL_DELAY must be re-added to /etc/login.defs
+
+Index: shadow-4.0.18.1/src/login.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/login.c	2006-09-17 12:17:55.628018587 +0200
++++ shadow-4.0.18.1/src/login.c	2006-09-17 12:18:04.272087315 +0200
+@@ -331,7 +331,6 @@
+ 	char ptime[80];
+ #endif
+ 	int reason = PW_LOGIN;
+-	int delay;
+ 	int retries;
+ 	int failed;
+ 	int flag;
+@@ -351,6 +350,7 @@
+ 	pid_t child;
+ 	char *pam_user;
+ #else
++	int delay;
+ 	struct spwd *spwd = NULL;
+ #endif
+ 	/*
+@@ -573,7 +573,6 @@
+ 			alarm (timeout);
+ 
+ 		environ = newenvp;	/* make new environment active */
+-		delay = getdef_num ("FAIL_DELAY", 1);
+ 		retries = getdef_num ("LOGIN_RETRIES", RETRIES);
+ 
+ #ifdef USE_PAM
+@@ -589,17 +588,12 @@
+ 
+ 		/*
+ 		 * hostname & tty are either set to NULL or their correct values,
+-		 * depending on how much we know. We also set PAM's fail delay to
+-		 * ours.
++		 * depending on how much we know.
+ 		 */
+ 		retcode = pam_set_item (pamh, PAM_RHOST, hostname);
+ 		PAM_FAIL_CHECK;
+ 		retcode = pam_set_item (pamh, PAM_TTY, tty);
+ 		PAM_FAIL_CHECK;
+-#ifdef HAVE_PAM_FAIL_DELAY
+-		retcode = pam_fail_delay (pamh, 1000000 * delay);
+-		PAM_FAIL_CHECK;
+-#endif
+ 		/* if fflg == 1, then the user has already been authenticated */
+ 		if (!fflg || (getuid () != 0)) {
+ 			int failcount = 0;
+@@ -640,8 +634,6 @@
+ 			  failed = 0;
+ 
+ 			  failcount++;
+-			  if (delay > 0)
+-			    retcode = pam_fail_delay(pamh, 1000000*delay);
+ 
+ 			  retcode = pam_authenticate (pamh, 0);
+ 
+@@ -934,13 +926,16 @@
+ 		if (pwent.pw_passwd[0] == '\0')
+ 			pw_auth ("!", username, reason, (char *) 0);
+ 
++#ifndef USE_PAM
+ 		/*
+ 		 * Wait a while (a la SVR4 /usr/bin/login) before attempting
+ 		 * to login the user again. If the earlier alarm occurs
+ 		 * before the sleep() below completes, login will exit.
+ 		 */
++		delay = getdef_num ("FAIL_DELAY", 1);
+ 		if (delay > 0)
+ 			sleep (delay);
++#endif
+ 
+ 		puts (_("Login incorrect"));
+ 
+Index: shadow-4.0.18.1/lib/getdef.c
+===================================================================
+--- shadow-4.0.18.1.orig/lib/getdef.c	2006-09-17 12:17:58.260039514 +0200
++++ shadow-4.0.18.1/lib/getdef.c	2006-09-17 12:18:04.276087346 +0200
+@@ -55,7 +55,6 @@
+ 	{"ENV_PATH", NULL},
+ 	{"ENV_SUPATH", NULL},
+ 	{"ERASECHAR", NULL},
+-	{"FAIL_DELAY", NULL},
+ 	{"FAILLOG_ENAB", NULL},
+ 	{"FAKE_SHELL", NULL},
+ 	{"FTMP_FILE", NULL},
+@@ -92,6 +91,7 @@
+ 	{"ENV_HZ", NULL},
+ 	{"ENVIRON_FILE", NULL},
+ 	{"ENV_TZ", NULL},
++	{"FAIL_DELAY", NULL},
+ 	{"ISSUE_FILE", NULL},
+ 	{"LASTLOG_ENAB", NULL},
+ 	{"LOGIN_STRING", NULL},
--- shadow-4.0.18.1.orig/debian/patches/103_man-de
+++ shadow-4.0.18.1/debian/patches/103_man-de
@@ -0,0 +1,5241 @@
+Goal: Update German translations of manpages (mostly passwd). Use gettext now.
+
+Fixes: #379899
+
+Status wrt upstream: Appiled in CVS
+
+Index: shadow-4.0.18.1/man/Makefile.am
+===================================================================
+--- shadow-4.0.18.1.orig/man/Makefile.am	2006-12-07 19:04:32.571906079 +0100
++++ shadow-4.0.18.1/man/Makefile.am	2006-12-07 19:04:46.456013985 +0100
+@@ -1,5 +1,5 @@
+ 
+-LINGUAS = fr pl ru sv
++LINGUAS = de fr pl ru sv
+ 
+ # subdirectories for translated manual pages
+ DIST_SUBDIRS = cs de es fi fr hu id it ja ko pl pt_BR ru sv tr zh_CN zh_TW
+Index: shadow-4.0.18.1/man/de/de.po
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ shadow-4.0.18.1/man/de/de.po	2006-12-07 19:04:22.043824257 +0100
+@@ -0,0 +1,5219 @@
++# German translation of passwd.1
++# Copyright (C) 2006 Free Software Foundation, Inc.
++# Simon Brandmair <sbrandmair@gmx.net>, 2005.
++#
++msgid ""
++msgstr ""
++"Project-Id-Version: passwd.1 1.33\n"
++"POT-Creation-Date: 2006-11-12 20:17+0100\n"
++"PO-Revision-Date: 2006-08-15 19:08+0200\n"
++"Last-Translator: Simon Brandmair <sbrandmair@gmx.net>\n"
++"Language-Team: debian-l10n-german <http://lists.debian.org/debian-l10n-"
++"german/>\n"
++"MIME-Version: 1.0\n"
++"Content-Type: text/plain; charset=UTF-8\n"
++"Content-Transfer-Encoding: 8bit\n"
++
++#: vipw.8.xml:5(refentrytitle) vipw.8.xml:10(refname) vipw.8.xml:19(command)
++msgid "vipw"
++msgstr "vipw"
++
++#: vipw.8.xml:6(manvolnum) usermod.8.xml:6(manvolnum)
++#: userdel.8.xml:6(manvolnum) userdel.8.xml:147(replaceable)
++#: useradd.8.xml:6(manvolnum) pwconv.8.xml:6(manvolnum)
++#: pwck.8.xml:6(manvolnum) nologin.8.xml:6(manvolnum)
++#: newusers.8.xml:6(manvolnum) logoutd.8.xml:6(manvolnum)
++#: lastlog.8.xml:6(manvolnum) grpck.8.xml:6(manvolnum)
++#: groupmod.8.xml:6(manvolnum) groupmems.8.xml:6(manvolnum)
++#: groupdel.8.xml:6(manvolnum) groupdel.8.xml:84(replaceable)
++#: groupadd.8.xml:6(manvolnum) faillog.8.xml:6(manvolnum)
++#: faillog.5.xml:53(manvolnum) chpasswd.8.xml:6(manvolnum)
++#: chgpasswd.8.xml:6(manvolnum)
++msgid "8"
++msgstr "8"
++
++#: vipw.8.xml:7(refmiscinfo) usermod.8.xml:7(refmiscinfo)
++#: userdel.8.xml:7(refmiscinfo) useradd.8.xml:7(refmiscinfo)
++#: pwconv.8.xml:7(refmiscinfo) pwck.8.xml:7(refmiscinfo)
++#: nologin.8.xml:7(refmiscinfo) newusers.8.xml:7(refmiscinfo)
++#: logoutd.8.xml:7(refmiscinfo) lastlog.8.xml:7(refmiscinfo)
++#: grpck.8.xml:7(refmiscinfo) groupmod.8.xml:7(refmiscinfo)
++#: groupmems.8.xml:7(refmiscinfo) groupdel.8.xml:7(refmiscinfo)
++#: groupadd.8.xml:7(refmiscinfo) faillog.8.xml:7(refmiscinfo)
++#: chpasswd.8.xml:7(refmiscinfo) chgpasswd.8.xml:7(refmiscinfo)
++msgid "System Management Commands"
++msgstr ""
++
++#: vipw.8.xml:11(refname) vipw.8.xml:25(command)
++msgid "vigr"
++msgstr "vigr"
++
++#: vipw.8.xml:12(refpurpose)
++msgid "edit the password, group, shadow-password or shadow-group file"
++msgstr ""
++
++#: vipw.8.xml:21(replaceable) vipw.8.xml:27(replaceable)
++#: usermod.8.xml:18(replaceable) userdel.8.xml:16(arg)
++#: useradd.8.xml:17(replaceable) useradd.8.xml:29(replaceable)
++#: su.1.xml:17(replaceable) passwd.1.xml:18(replaceable)
++#: lastlog.8.xml:18(replaceable) groupmod.8.xml:18(replaceable)
++#: faillog.8.xml:18(replaceable) chsh.1.xml:18(replaceable)
++#: chpasswd.8.xml:18(replaceable) chgpasswd.8.xml:18(replaceable)
++#: chage.1.xml:17(replaceable)
++msgid "options"
++msgstr "optionen"
++
++#: vipw.8.xml:33(title) usermod.8.xml:25(title) userdel.8.xml:24(title)
++#: useradd.8.xml:35(title) suauth.5.xml:21(title) su.1.xml:28(title)
++#: sg.1.xml:26(title) shadow.5.xml:15(title) shadow.3.xml:64(title)
++#: shadow.3.xml:120(title) pwconv.8.xml:33(title) pwck.8.xml:44(title)
++#: porttime.5.xml:15(title) passwd.5.xml:15(title) passwd.1.xml:27(title)
++#: nologin.8.xml:21(title) newusers.8.xml:24(title) newgrp.1.xml:22(title)
++#: logoutd.8.xml:21(title) login.defs.5.xml:15(title)
++#: login.access.5.xml:15(title) login.1.xml:36(title) limits.5.xml:16(title)
++#: lastlog.8.xml:24(title) gshadow.5.xml:15(title) grpck.8.xml:25(title)
++#: groups.1.xml:24(title) groupmod.8.xml:25(title) groupmems.8.xml:27(title)
++#: groupdel.8.xml:24(title) groupadd.8.xml:30(title) gpasswd.1.xml:48(title)
++#: faillog.8.xml:24(title) faillog.5.xml:15(title) expiry.1.xml:23(title)
++#: chsh.1.xml:27(title) chpasswd.8.xml:24(title) chgpasswd.8.xml:24(title)
++#: chfn.1.xml:27(title) chage.1.xml:26(title)
++msgid "DESCRIPTION"
++msgstr "BESCHREIBUNG"
++
++#: vipw.8.xml:34(para)
++#, fuzzy
++msgid ""
++"The <command>vipw</command> and <command>vigr</command> commands edits the "
++"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
++"respectively. With the <option>-s</option> flag, they will edit the shadow "
++"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
++"gshadow</filename>, respectively. The programs will set the appropriate "
++"locks to prevent file corruption. When looking for an editor, the programs "
++"will first try the environment variable <envar>$VISUAL</envar>, then the "
++"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
++"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>."
++msgstr ""
++"<command>vipw</command> and <command>vigr</command> will edit the files "
++"<filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
++"respectively. With the <option>-s</option> flag, they will edit the shadow "
++"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
++"gshadow</filename>, respectively. The programs will set the appropriate "
++"locks to prevent file corruption. When looking for an editor, the programs "
++"will first try the environment variable <envar>$VISUAL</envar>, then the "
++"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
++"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>."
++
++#: vipw.8.xml:51(title) usermod.8.xml:33(title) userdel.8.xml:33(title)
++#: useradd.8.xml:47(title) su.1.xml:74(title) pwck.8.xml:96(title)
++#: passwd.1.xml:140(title) login.1.xml:119(title) lastlog.8.xml:36(title)
++#: grpck.8.xml:69(title) groupmod.8.xml:34(title) groupmems.8.xml:42(title)
++#: groupadd.8.xml:39(title) gpasswd.1.xml:71(title) faillog.8.xml:35(title)
++#: chsh.1.xml:38(title) chpasswd.8.xml:46(title) chgpasswd.8.xml:45(title)
++#: chage.1.xml:36(title)
++msgid "OPTIONS"
++msgstr "OPTIONEN"
++
++#: vipw.8.xml:52(para)
++#, fuzzy
++msgid ""
++"The options which apply to the <command>vipw</command> and <command>vigr</"
++"command> commands are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: vipw.8.xml:58(term)
++msgid "<option>-g</option>, <option>--group</option>"
++msgstr ""
++
++#: vipw.8.xml:60(para)
++msgid "Edit group database."
++msgstr ""
++
++#: vipw.8.xml:64(term) userdel.8.xml:62(term) useradd.8.xml:153(term)
++#: passwd.1.xml:180(term) lastlog.8.xml:52(term) groupmod.8.xml:57(term)
++#: groupadd.8.xml:72(term) faillog.8.xml:48(term) chsh.1.xml:44(term)
++#: chpasswd.8.xml:59(term) chgpasswd.8.xml:58(term) chage.1.xml:74(term)
++msgid "<option>-h</option>, <option>--help</option>"
++msgstr "<option>-h</option>, <option>--help</option>"
++
++#: vipw.8.xml:66(para) userdel.8.xml:64(para) useradd.8.xml:155(para)
++#: passwd.1.xml:182(para) lastlog.8.xml:56(para) groupmod.8.xml:59(para)
++#: groupadd.8.xml:74(para) faillog.8.xml:50(para) chsh.1.xml:46(para)
++#: chpasswd.8.xml:61(para) chgpasswd.8.xml:60(para) chage.1.xml:76(para)
++msgid "Display help message and exit."
++msgstr "Zeigt die Hilfe an und beendet das Programm."
++
++#: vipw.8.xml:70(term)
++msgid "<option>-p</option>, <option>--passwd</option>"
++msgstr "<option>-p</option>, <option>--passwd</option>"
++
++#: vipw.8.xml:72(para)
++msgid "Edit passwd database."
++msgstr ""
++
++#: vipw.8.xml:76(term) passwd.1.xml:234(term)
++msgid "<option>-q</option>, <option>--quiet</option>"
++msgstr "<option>-q</option>, <option>--quiet</option>"
++
++#: vipw.8.xml:78(para) passwd.1.xml:238(para)
++msgid "Quiet mode."
++msgstr "Stiller Modus."
++
++#: vipw.8.xml:82(term)
++msgid "<option>-s</option>, <option>--shadow</option>"
++msgstr "<option>-s</option>, <option>--shadow</option>"
++
++#: vipw.8.xml:84(para)
++msgid "Edit shadow or gshadow database."
++msgstr ""
++
++#: vipw.8.xml:91(title) usermod.8.xml:246(title) userdel.8.xml:88(title)
++#: useradd.8.xml:363(title) suauth.5.xml:139(title) su.1.xml:176(title)
++#: sg.1.xml:43(title) shadow.5.xml:105(title) shadow.3.xml:172(title)
++#: pwconv.8.xml:109(title) pwck.8.xml:145(title) porttime.5.xml:76(title)
++#: passwd.5.xml:87(title) passwd.1.xml:322(title) newusers.8.xml:90(title)
++#: newgrp.1.xml:54(title) logoutd.8.xml:35(title) login.access.5.xml:66(title)
++#: login.1.xml:198(title) limits.5.xml:107(title) lastlog.8.xml:113(title)
++#: gshadow.5.xml:61(title) grpck.8.xml:87(title) groups.1.xml:46(title)
++#: groupmod.8.xml:89(title) groupmems.8.xml:103(title)
++#: groupdel.8.xml:43(title) groupadd.8.xml:112(title) gpasswd.1.xml:93(title)
++#: faillog.8.xml:132(title) faillog.5.xml:38(title) expiry.1.xml:32(title)
++#: chsh.1.xml:85(title) chfn.1.xml:60(title) chage.1.xml:177(title)
++msgid "FILES"
++msgstr "DATEIEN"
++
++#: vipw.8.xml:94(filename) usermod.8.xml:249(filename)
++#: userdel.8.xml:91(filename) useradd.8.xml:378(filename)
++#: sg.1.xml:58(filename) pwck.8.xml:148(filename) newgrp.1.xml:69(filename)
++#: gshadow.5.xml:64(filename) grpck.8.xml:90(filename)
++#: groups.1.xml:49(filename) groupmod.8.xml:92(filename)
++#: groupmems.8.xml:106(filename) groupdel.8.xml:46(filename)
++#: groupadd.8.xml:115(filename) gpasswd.1.xml:11(filename)
++#: gpasswd.1.xml:96(filename)
++msgid "/etc/group"
++msgstr "/etc/group"
++
++#: vipw.8.xml:96(para) usermod.8.xml:251(para) userdel.8.xml:93(para)
++#: useradd.8.xml:380(para) sg.1.xml:60(para) pwck.8.xml:150(para)
++#: newgrp.1.xml:71(para) gshadow.5.xml:66(para) grpck.8.xml:92(para)
++#: groups.1.xml:51(para) groupmod.8.xml:94(para) groupmems.8.xml:108(para)
++#: groupdel.8.xml:48(para) groupadd.8.xml:117(para) gpasswd.1.xml:98(para)
++#, fuzzy
++msgid "Group account information."
++msgstr "Informationen zu den Benutzerkonten."
++
++#: vipw.8.xml:100(filename) sg.1.xml:64(filename) newgrp.1.xml:75(filename)
++#: gshadow.5.xml:70(filename) grpck.8.xml:96(filename)
++#: groupmod.8.xml:98(filename) groupmems.8.xml:112(filename)
++#: groupdel.8.xml:52(filename) groupadd.8.xml:121(filename)
++#: gpasswd.1.xml:102(filename)
++msgid "/etc/gshadow"
++msgstr "/etc/gshadow"
++
++# type: Plain text
++#: vipw.8.xml:102(para) sg.1.xml:66(para) newgrp.1.xml:77(para)
++#: gshadow.5.xml:72(para) grpck.8.xml:98(para) groupmod.8.xml:100(para)
++#: groupdel.8.xml:54(para) groupadd.8.xml:123(para) gpasswd.1.xml:104(para)
++#, fuzzy
++msgid "Secure group account information."
++msgstr "Verschlüsselte Informationen zu den Benutzerkonten."
++
++#: vipw.8.xml:106(filename) usermod.8.xml:255(filename)
++#: userdel.8.xml:103(filename) useradd.8.xml:366(filename)
++#: su.1.xml:179(filename) sg.1.xml:46(filename) shadow.5.xml:108(filename)
++#: pwck.8.xml:154(filename) passwd.5.xml:90(filename)
++#: passwd.1.xml:325(filename) newgrp.1.xml:57(filename)
++#: login.1.xml:213(filename) grpck.8.xml:102(filename)
++#: expiry.1.xml:35(filename) chsh.1.xml:88(filename) chfn.1.xml:69(filename)
++#: chage.1.xml:181(filename)
++msgid "/etc/passwd"
++msgstr "/etc/passwd"
++
++#: vipw.8.xml:108(para) usermod.8.xml:257(para) userdel.8.xml:105(para)
++#: useradd.8.xml:368(para) su.1.xml:181(para) sg.1.xml:48(para)
++#: shadow.5.xml:110(para) pwck.8.xml:156(para) passwd.5.xml:92(para)
++#: passwd.1.xml:327(para) newgrp.1.xml:59(para) login.1.xml:215(para)
++#: grpck.8.xml:104(para) expiry.1.xml:37(para) chsh.1.xml:90(para)
++#: chfn.1.xml:71(para) chage.1.xml:184(para)
++msgid "User account information."
++msgstr "Informationen zu den Benutzerkonten."
++
++#: vipw.8.xml:112(filename) usermod.8.xml:261(filename)
++#: userdel.8.xml:109(filename) useradd.8.xml:372(filename)
++#: su.1.xml:185(filename) sg.1.xml:52(filename) shadow.5.xml:114(filename)
++#: shadow.3.xml:175(filename) pwck.8.xml:160(filename)
++#: passwd.5.xml:96(filename) passwd.1.xml:331(filename)
++#: newgrp.1.xml:63(filename) login.1.xml:219(filename)
++#: expiry.1.xml:41(filename) chage.1.xml:189(filename)
++msgid "/etc/shadow"
++msgstr "/etc/shadow"
++
++# type: Plain text
++#: vipw.8.xml:114(para) usermod.8.xml:263(para) userdel.8.xml:111(para)
++#: useradd.8.xml:374(para) su.1.xml:187(para) sg.1.xml:54(para)
++#: shadow.5.xml:116(para) shadow.3.xml:177(para) pwck.8.xml:162(para)
++#: passwd.1.xml:333(para) newgrp.1.xml:65(para) login.1.xml:221(para)
++#: expiry.1.xml:43(para) chage.1.xml:192(para)
++msgid "Secure user account information."
++msgstr "Verschlüsselte Informationen zu den Benutzerkonten."
++
++#: vipw.8.xml:120(title) usermod.8.xml:270(title) userdel.8.xml:190(title)
++#: useradd.8.xml:474(title) suauth.5.xml:168(title) su.1.xml:194(title)
++#: sg.1.xml:73(title) shadow.5.xml:123(title) shadow.3.xml:184(title)
++#: pwconv.8.xml:121(title) pwck.8.xml:169(title) porttime.5.xml:88(title)
++#: passwd.5.xml:105(title) passwd.1.xml:391(title) nologin.8.xml:35(title)
++#: newusers.8.xml:102(title) newgrp.1.xml:84(title)
++#: login.defs.5.xml:256(title) login.access.5.xml:78(title)
++#: login.1.xml:252(title) limits.5.xml:117(title) gshadow.5.xml:79(title)
++#: grpck.8.xml:111(title) groups.1.xml:58(title) groupmod.8.xml:158(title)
++#: groupmems.8.xml:121(title) groupdel.8.xml:100(title)
++#: groupadd.8.xml:199(title) gpasswd.1.xml:111(title) faillog.8.xml:144(title)
++#: faillog.5.xml:50(title) expiry.1.xml:50(title) chsh.1.xml:109(title)
++#: chpasswd.8.xml:85(title) chgpasswd.8.xml:84(title) chfn.1.xml:78(title)
++#: chage.1.xml:232(title)
++msgid "SEE ALSO"
++msgstr "SIEHE AUCH"
++
++#: vipw.8.xml:121(para)
++msgid ""
++"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>group</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
++"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>group</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
++"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>."
++
++#: usermod.8.xml:5(refentrytitle) usermod.8.xml:10(refname)
++#: usermod.8.xml:16(command) login.defs.5.xml:229(term)
++msgid "usermod"
++msgstr "usermod"
++
++#: usermod.8.xml:11(refpurpose)
++msgid "modify a user account"
++msgstr ""
++
++#: usermod.8.xml:20(replaceable) userdel.8.xml:18(replaceable)
++#: useradd.8.xml:19(replaceable) su.1.xml:21(replaceable)
++#: passwd.1.xml:21(replaceable) chsh.1.xml:21(replaceable)
++#: chage.1.xml:20(replaceable)
++msgid "LOGIN"
++msgstr "LOGIN"
++
++#: usermod.8.xml:26(para)
++msgid ""
++"The <command>usermod</command> command modifies the system account files to "
++"reflect the changes that are specified on the command line."
++msgstr ""
++
++#: usermod.8.xml:34(para)
++#, fuzzy
++msgid "The options which apply to the <command>usermod</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: usermod.8.xml:40(term)
++msgid "<option>-a</option>, <option>--append</option>"
++msgstr "<option>-a</option>, <option>--append</option>"
++
++#: usermod.8.xml:44(para)
++msgid ""
++"Add the user to the supplemental group(s). Use only with <option>-G</option> "
++"option."
++msgstr ""
++
++#: usermod.8.xml:51(term) useradd.8.xml:52(term)
++msgid ""
++"<option>-c</option>, <option>--comment</option><replaceable>COMMENT</"
++"replaceable>"
++msgstr ""
++
++#: usermod.8.xml:56(para)
++msgid ""
++"The new value of the user's password file comment field. It is normally "
++"modified using the <citerefentry><refentrytitle>chfn</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
++msgstr ""
++
++#: usermod.8.xml:65(term) useradd.8.xml:80(term)
++msgid ""
++"<option>-d</option>, <option>--home</option><replaceable>HOME_DIR</"
++"replaceable>"
++msgstr ""
++
++#: usermod.8.xml:70(para)
++msgid ""
++"The user's new login directory. If the <option>-m</option> option is given "
++"the contents of the current home directory will be moved to the new home "
++"directory, which is created if it does not already exist."
++msgstr ""
++
++#: usermod.8.xml:79(term) useradd.8.xml:97(term) useradd.8.xml:281(term)
++msgid ""
++"<option>-e</option>, <option>--expiredate</option><replaceable>EXPIRE_DATE</"
++"replaceable>"
++msgstr ""
++
++#: usermod.8.xml:84(para) useradd.8.xml:102(para)
++msgid ""
++"The date on which the user account will be disabled. The date is specified "
++"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
++msgstr ""
++
++#: usermod.8.xml:91(term) useradd.8.xml:109(term) useradd.8.xml:290(term)
++msgid ""
++"<option>-f</option>, <option>--inactive</option><replaceable>INACTIVE</"
++"replaceable>"
++msgstr ""
++
++#: usermod.8.xml:96(para) useradd.8.xml:114(para)
++msgid ""
++"The number of days after a password expires until the account is permanently "
++"disabled. A value of 0 disables the account as soon as the password has "
++"expired, and a value of -1 disables the feature. The default value is -1."
++msgstr ""
++
++#: usermod.8.xml:105(term) useradd.8.xml:123(term) useradd.8.xml:302(term)
++msgid ""
++"<option>-g</option>, <option>--gid</option><replaceable>GROUP</replaceable>"
++msgstr ""
++
++#: usermod.8.xml:110(para)
++msgid ""
++"The group name or number of the user's new initial login group. The group "
++"name must exist. A group number must refer to an already existing group. The "
++"default group number is 1."
++msgstr ""
++
++#: usermod.8.xml:118(term) useradd.8.xml:137(term)
++msgid ""
++"<option>-G</option>, <option>--groups</option><replaceable>GROUP1</"
++"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
++"\">,GROUPN</emphasis>]]]"
++msgstr ""
++
++#: usermod.8.xml:123(para)
++msgid ""
++"A list of supplementary groups which the user is also a member of. Each "
++"group is separated from the next by a comma, with no intervening whitespace. "
++"The groups are subject to the same restrictions as the group given with the "
++"<option>-g</option> option. If the user is currently a member of a group "
++"which is not listed, the user will be removed from the group. This behaviour "
++"can be changed via <option>-a</option> option, which appends user to the "
++"current supplementary group list."
++msgstr ""
++
++#: usermod.8.xml:136(term)
++msgid ""
++"<option>-l</option>, <option>--login</option><replaceable>NEW_LOGIN</"
++"replaceable>"
++msgstr ""
++
++#: usermod.8.xml:141(para)
++msgid ""
++"The name of the user will be changed from <emphasis remap=\"I\">LOGIN</"
++"emphasis> to <emphasis remap=\"I\">NEW_LOGIN</emphasis>. Nothing else is "
++"changed. In particular, the user's home directory name should probably be "
++"changed to reflect the new login name."
++msgstr ""
++
++#: usermod.8.xml:151(term)
++msgid "<option>-L</option>, <option>--lock</option>"
++msgstr ""
++
++#: usermod.8.xml:155(para)
++msgid ""
++"Lock a user's password. This puts a '!' in front of the encrypted password, "
++"effectively disabling the password. You can't use this option with <option>-"
++"p</option> or <option>-U</option>."
++msgstr ""
++
++#: usermod.8.xml:164(term) useradd.8.xml:206(term) groupmod.8.xml:75(term)
++msgid "<option>-o</option>, <option>--non-unique</option>"
++msgstr ""
++
++#: usermod.8.xml:168(para)
++msgid ""
++"When used with the <option>-u</option> option, this option allows to change "
++"the user ID to a non-unique value."
++msgstr ""
++
++#: usermod.8.xml:175(term) useradd.8.xml:214(term)
++msgid ""
++"<option>-p</option>, <option>--password</option><replaceable>PASSWORD</"
++"replaceable>"
++msgstr ""
++
++#: usermod.8.xml:180(para)
++msgid ""
++"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
++"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
++msgstr ""
++
++#: usermod.8.xml:188(term) useradd.8.xml:227(term) useradd.8.xml:315(term)
++#: su.1.xml:108(term) chsh.1.xml:50(term)
++msgid ""
++"<option>-s</option>, <option>--shell</option><replaceable>SHELL</replaceable>"
++msgstr ""
++
++#: usermod.8.xml:193(para) chsh.1.xml:54(para)
++msgid ""
++"The name of the user's new login shell. Setting this field to blank causes "
++"the system to select the default login shell."
++msgstr ""
++
++#: usermod.8.xml:200(term) useradd.8.xml:240(term)
++msgid ""
++"<option>-u</option>, <option>--uid</option><replaceable>UID</replaceable>"
++msgstr ""
++
++#: usermod.8.xml:205(para)
++msgid ""
++"The numerical value of the user's ID. This value must be unique, unless the "
++"<option>-o</option> option is used. The value must be non-negative. Values "
++"between 0 and 999 are typically reserved for system accounts. Any files "
++"which the user owns and which are located in the directory tree rooted at "
++"the user's home directory will have the file user ID changed automatically. "
++"Files outside of the user's home directory must be altered manually."
++msgstr ""
++
++#: usermod.8.xml:218(term)
++msgid "<option>-U</option>, <option>--unlock</option>"
++msgstr "<option>-U</option>, <option>--unlock</option>"
++
++#: usermod.8.xml:222(para)
++msgid ""
++"Unlock a user's password. This removes the '!' in front of the encrypted "
++"password. You can't use this option with <option>-p</option> or <option>-L</"
++"option>."
++msgstr ""
++
++#: usermod.8.xml:233(title) userdel.8.xml:169(title) useradd.8.xml:343(title)
++#: su.1.xml:168(title) shadow.3.xml:164(title) passwd.1.xml:311(title)
++#: newusers.8.xml:82(title) login.1.xml:164(title) lastlog.8.xml:125(title)
++#: groupdel.8.xml:36(title) groupadd.8.xml:136(title) faillog.8.xml:121(title)
++#: chpasswd.8.xml:77(title) chgpasswd.8.xml:76(title)
++msgid "CAVEATS"
++msgstr "WARNUNGEN"
++
++#: usermod.8.xml:234(para)
++msgid ""
++"<command>usermod</command> will not allow you to change the name of a user "
++"who is logged in. You must make certain that the named user is not executing "
++"any processes when this command is being executed if the user's numerical "
++"user ID is being changed. You must change the owner of any <command>crontab</"
++"command> files manually. You must change the owner of any <command>at</"
++"command> jobs manually. You must make any changes involving NIS on the NIS "
++"server."
++msgstr ""
++
++#: usermod.8.xml:271(para)
++msgid ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>crypt</"
++"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>crypt</"
++"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++
++#: userdel.8.xml:5(refentrytitle) userdel.8.xml:10(refname)
++#: userdel.8.xml:15(command) login.defs.5.xml:221(term)
++msgid "userdel"
++msgstr "userdel"
++
++#: userdel.8.xml:11(refpurpose)
++msgid "delete a user account and related files"
++msgstr ""
++
++#: userdel.8.xml:25(para)
++msgid ""
++"The <command>userdel</command> command modifies the system account files, "
++"deleting all entries that refer to <emphasis remap=\"I\">login_name</"
++"emphasis>. The named user must exist."
++msgstr ""
++
++#: userdel.8.xml:34(para)
++#, fuzzy
++msgid "The options which apply to the <command>userdel</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: userdel.8.xml:39(term)
++msgid "<option>-f</option>, <option>--force</option>"
++msgstr "<option>-f</option>, <option>--force</option"
++
++#: userdel.8.xml:43(para)
++msgid ""
++"This option forces the removal of the user, even if she is still logged in. "
++"It also forces <command>userdel</command> to remove the user's home "
++"directory or her mail spool, even if another user uses the same home "
++"directory or if the mail spool is not owned by the specified user. If "
++"<emphasis>USERGROUPS_ENAB</emphasis> is defined to <emphasis remap=\"I"
++"\">yes</emphasis> in <filename>/etc/login.defs</filename> and if a group "
++"exists with the same name as the deleted user, then this group will be "
++"removed, even if it is still the primary group of another user."
++msgstr ""
++
++#: userdel.8.xml:55(para)
++msgid ""
++"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
++"system in an inconsistent state."
++msgstr ""
++
++#: userdel.8.xml:68(term)
++msgid "<option>-r</option>, <option>--remove</option>"
++msgstr "<option>-r</option>, <option>--remove</option>"
++
++#: userdel.8.xml:72(para)
++msgid ""
++"Files in the user's home directory will be removed along with the home "
++"directory itself and the user's mail spool. Files located in other file "
++"systems will have to be searched for and deleted manually."
++msgstr ""
++
++#: userdel.8.xml:78(para)
++msgid ""
++"The mail spool is defined by the <emphasis>MAIL_DIR</emphasis> variable in "
++"the <filename>login.defs</filename> file."
++msgstr ""
++
++#: userdel.8.xml:97(filename) useradd.8.xml:396(filename)
++#: pwconv.8.xml:112(filename) newusers.8.xml:93(filename)
++#: login.access.5.xml:69(filename) groupadd.8.xml:127(filename)
++#: chsh.1.xml:100(filename) chfn.1.xml:63(filename)
++msgid "/etc/login.defs"
++msgstr ""
++
++#: userdel.8.xml:99(para) useradd.8.xml:398(para) pwconv.8.xml:114(para)
++#: newusers.8.xml:95(para) login.access.5.xml:71(para)
++#: groupadd.8.xml:129(para) chsh.1.xml:102(para) chfn.1.xml:65(para)
++msgid "Shadow password suite configuration."
++msgstr ""
++
++#: userdel.8.xml:118(title) useradd.8.xml:405(title) pwck.8.xml:186(title)
++#: passwd.1.xml:340(title) grpck.8.xml:129(title) groupmod.8.xml:107(title)
++#: groupdel.8.xml:61(title) groupadd.8.xml:154(title) chage.1.xml:199(title)
++msgid "EXIT VALUES"
++msgstr "RÜCKGABEWERTE"
++
++#: userdel.8.xml:123(replaceable) useradd.8.xml:410(replaceable)
++#: pwck.8.xml:191(replaceable) passwd.1.xml:345(replaceable)
++#: grpck.8.xml:134(replaceable) groupmod.8.xml:112(replaceable)
++#: groupdel.8.xml:66(replaceable) groupadd.8.xml:159(replaceable)
++#: chage.1.xml:204(replaceable)
++msgid "0"
++msgstr "0"
++
++#: userdel.8.xml:125(para) useradd.8.xml:412(para) pwck.8.xml:193(para)
++#: passwd.1.xml:347(para) grpck.8.xml:136(para) groupmod.8.xml:114(para)
++#: groupdel.8.xml:68(para) groupadd.8.xml:161(para) chage.1.xml:206(para)
++msgid "success"
++msgstr "Erfolg"
++
++#: userdel.8.xml:129(replaceable) useradd.8.xml:416(replaceable)
++#: su.1.xml:6(manvolnum) sg.1.xml:6(manvolnum) pwck.8.xml:197(replaceable)
++#: passwd.1.xml:6(manvolnum) passwd.1.xml:351(replaceable)
++#: newgrp.1.xml:6(manvolnum) login.1.xml:6(manvolnum)
++#: grpck.8.xml:140(replaceable) groups.1.xml:6(manvolnum)
++#: gpasswd.1.xml:6(manvolnum) expiry.1.xml:6(manvolnum)
++#: chsh.1.xml:6(manvolnum) chfn.1.xml:6(manvolnum) chage.1.xml:6(manvolnum)
++#: chage.1.xml:210(replaceable)
++msgid "1"
++msgstr "1"
++
++#: userdel.8.xml:131(para) useradd.8.xml:418(para)
++#, fuzzy
++msgid "can't update password file"
++msgstr "ändert das Passwort eines Benutzers"
++
++#: userdel.8.xml:135(replaceable) useradd.8.xml:422(replaceable)
++#: pwck.8.xml:203(replaceable) passwd.1.xml:357(replaceable)
++#: grpck.8.xml:146(replaceable) groupmod.8.xml:118(replaceable)
++#: groupdel.8.xml:72(replaceable) groupadd.8.xml:165(replaceable)
++#: chage.1.xml:216(replaceable)
++msgid "2"
++msgstr "2"
++
++#: userdel.8.xml:137(para) useradd.8.xml:424(para) pwck.8.xml:199(para)
++#: grpck.8.xml:142(para) groupmod.8.xml:120(para) groupdel.8.xml:74(para)
++#: groupadd.8.xml:167(para) chage.1.xml:218(para)
++msgid "invalid command syntax"
++msgstr ""
++
++#: userdel.8.xml:141(replaceable) useradd.8.xml:440(replaceable)
++#: passwd.1.xml:381(replaceable) groupmod.8.xml:136(replaceable)
++#: groupdel.8.xml:78(replaceable)
++msgid "6"
++msgstr "6"
++
++#: userdel.8.xml:143(para)
++msgid "specified user doesn't exist"
++msgstr ""
++
++#: userdel.8.xml:149(para)
++msgid "user currently logged in"
++msgstr ""
++
++#: userdel.8.xml:153(replaceable) useradd.8.xml:452(replaceable)
++#: groupmod.8.xml:148(replaceable) groupdel.8.xml:90(replaceable)
++#: groupadd.8.xml:189(replaceable)
++msgid "10"
++msgstr "10"
++
++#: userdel.8.xml:155(para) useradd.8.xml:454(para) groupmod.8.xml:150(para)
++#: groupdel.8.xml:92(para) groupadd.8.xml:191(para)
++msgid "can't update group file"
++msgstr ""
++
++#: userdel.8.xml:159(replaceable) useradd.8.xml:458(replaceable)
++msgid "12"
++msgstr "12"
++
++#: userdel.8.xml:161(para)
++msgid "can't remove home directory"
++msgstr ""
++
++#: userdel.8.xml:119(para)
++#, fuzzy
++msgid ""
++"The <command>userdel</command> command exits with the following values: "
++"<placeholder-1/>"
++msgstr ""
++"Der Befehl <command>passwd</command> gibt beim Beenden folgende Werte "
++"zurück: <placeholder-1/>"
++
++#: userdel.8.xml:170(para)
++msgid ""
++"<command>userdel</command> will not allow you to remove an account if the "
++"user is currently logged in. You must kill any running processes which "
++"belong to an account that you are deleting."
++msgstr ""
++
++#: userdel.8.xml:175(para)
++msgid ""
++"You may not remove any NIS attributes on a NIS client. This must be "
++"performed on the NIS server."
++msgstr ""
++
++#: userdel.8.xml:178(para)
++msgid ""
++"If <emphasis>USERGROUPS_ENAB</emphasis> is defined to <emphasis remap=\"I"
++"\">yes</emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
++"command> will delete the group with the same name as the user. To avoid "
++"inconsistencies in the passwd and group databases, <command>userdel</"
++"command> will check that this group is not used as a primary group for "
++"another user, and will just warn without deleting the user otherwise. The "
++"<option>-f</option> option can force the deletion of this group."
++msgstr ""
++
++#: userdel.8.xml:191(para)
++msgid ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++
++#: useradd.8.xml:5(refentrytitle) useradd.8.xml:10(refname)
++#: useradd.8.xml:15(command) useradd.8.xml:22(command)
++#: useradd.8.xml:26(command) login.defs.5.xml:210(term)
++msgid "useradd"
++msgstr "useradd"
++
++#: useradd.8.xml:11(refpurpose)
++msgid "create a new user or update default new user information"
++msgstr ""
++
++#: useradd.8.xml:23(arg) useradd.8.xml:27(arg)
++msgid "-D"
++msgstr "-D"
++
++#: useradd.8.xml:36(para)
++msgid ""
++"When invoked without the <option>-D</option> option, the <command>useradd</"
++"command> command creates a new user account using the values specified on "
++"the command line and the default values from the system. Depending on "
++"command line options, the useradd command will update system files and may "
++"also create the new user's home directory and copy initial files."
++msgstr ""
++
++#: useradd.8.xml:48(para)
++#, fuzzy
++msgid "The options which apply to the <command>useradd</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: useradd.8.xml:57(para)
++msgid ""
++"Any text string. It is generally a short description of the login, and is "
++"currently used as the field for the user's full name."
++msgstr ""
++
++#: useradd.8.xml:65(term) useradd.8.xml:266(term)
++msgid ""
++"<option>-b</option>, <option>--base-dir</option><replaceable>BASE_DIR</"
++"replaceable>"
++msgstr ""
++
++#: useradd.8.xml:70(para)
++msgid ""
++"The default base directory for the system if <option>-d</option> dir is not "
++"specified. <replaceable>BASE_DIR</replaceable> is concatenated with the "
++"account name to define the home directory. If the <option>-m</option> option "
++"is not used, <replaceable>BASE_DIR</replaceable> must exist."
++msgstr ""
++
++#: useradd.8.xml:85(para)
++msgid ""
++"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
++"the value for the user's login directory. The default is to append the "
++"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
++"and use that as the login directory name. The directory "
++"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
++"created if it is missing."
++msgstr ""
++
++#: useradd.8.xml:128(para)
++msgid ""
++"The group name or number of the user's initial login group. The group name "
++"must exist. A group number must refer to an already existing group. The "
++"default group number is 1 or whatever is specified in <filename>/etc/default/"
++"useradd</filename>."
++msgstr ""
++
++#: useradd.8.xml:142(para)
++msgid ""
++"A list of supplementary groups which the user is also a member of. Each "
++"group is separated from the next by a comma, with no intervening whitespace. "
++"The groups are subject to the same restrictions as the group given with the "
++"<option>-g</option> option. The default is for the user to belong only to "
++"the initial group."
++msgstr ""
++
++#: useradd.8.xml:159(term)
++msgid "<option>-m</option>, <option>--create-home</option>"
++msgstr "<option>-m</option>, <option>--create-home</option>"
++
++#: useradd.8.xml:163(para)
++msgid ""
++"The user's home directory will be created if it does not exist. The files "
++"contained in <replaceable>SKEL_DIR</replaceable> will be copied to the home "
++"directory if the <option>-k</option> option is used, otherwise the files "
++"contained in <filename>/etc/skel</filename> will be used instead. Any "
++"directories contained in <replaceable>SKEL_DIR</replaceable> or <filename>/"
++"etc/skel</filename> will be created in the user's home directory as well. "
++"The <option>-k</option> option is only valid in conjunction with the "
++"<option>-m</option> option. The default is to not create the directory and "
++"to not copy any files."
++msgstr ""
++
++#: useradd.8.xml:179(term)
++msgid ""
++"<option>-K</option>, <option>--key</option><replaceable>KEY</"
++"replaceable>=<replaceable>VALUE</replaceable>"
++msgstr ""
++
++#: useradd.8.xml:184(para)
++msgid ""
++"Overrides /etc/login.defs defaults (UID_MIN, UID_MAX, UMASK, PASS_MAX_DAYS "
++"and others). <placeholder-1/> Example: <option>-K </"
++"option><replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</"
++"replaceable> can be used when creating system account to turn off password "
++"ageing, even though system account has no password at all. Multiple <option>-"
++"K</option> options can be specified, e.g.: <option>-K </"
++"option><replaceable>UID_MIN</replaceable>=<replaceable>100</"
++"replaceable><option> -K </option><replaceable>UID_MAX</"
++"replaceable>=<replaceable>499</replaceable>"
++msgstr ""
++
++#: useradd.8.xml:198(para)
++msgid ""
++"Note: <option>-K </option><replaceable>UID_MIN</"
++"replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
++"replaceable>=<replaceable>499</replaceable> doesn't work yet."
++msgstr ""
++
++#: useradd.8.xml:210(para)
++msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
++msgstr ""
++
++#: useradd.8.xml:219(para)
++msgid ""
++"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
++"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
++"disable the account."
++msgstr ""
++
++#: useradd.8.xml:232(para)
++msgid ""
++"The name of the user's login shell. The default is to leave this field "
++"blank, which causes the system to select the default login shell."
++msgstr ""
++
++#: useradd.8.xml:245(para)
++msgid ""
++"The numerical value of the user's ID. This value must be unique, unless the "
++"<option>-o</option> option is used. The value must be non-negative. The "
++"default is to use the smallest ID value greater than 999 and greater than "
++"every other user. Values between 0 and 999 are typically reserved for system "
++"accounts."
++msgstr ""
++
++#: useradd.8.xml:257(title)
++msgid "Changing the default values"
++msgstr ""
++
++#: useradd.8.xml:258(para)
++msgid ""
++"When invoked with the <option>-D</option> option, <command>useradd</command> "
++"will either display the current default values, or update the default values "
++"from the command line. The valid options are"
++msgstr ""
++
++#: useradd.8.xml:271(para)
++msgid ""
++"The initial path prefix for a new user's home directory. The user's name "
++"will be affixed to the end of <replaceable>HOME_DIR</replaceable> to create "
++"the new directory name if the <option>-d</option> option is not used when "
++"creating a new account."
++msgstr ""
++
++#: useradd.8.xml:286(para)
++msgid "The date on which the user account is disabled."
++msgstr ""
++
++#: useradd.8.xml:295(para)
++msgid ""
++"The number of days after a password has expired before the account will be "
++"disabled."
++msgstr ""
++
++#: useradd.8.xml:307(para)
++msgid ""
++"The group name or ID for a new user's initial group. The named group must "
++"exist, and a numerical group ID must have an existing entry."
++msgstr ""
++
++#: useradd.8.xml:320(para)
++msgid ""
++"The name of the new user's login shell. The named program will be used for "
++"all future new user accounts."
++msgstr ""
++
++#: useradd.8.xml:328(para)
++msgid ""
++"If no options are specified, <command>useradd</command> displays the current "
++"default values."
++msgstr ""
++
++#: useradd.8.xml:336(title)
++msgid "NOTES"
++msgstr ""
++
++#: useradd.8.xml:337(para)
++msgid ""
++"The system administrator is responsible for placing the default user files "
++"in the <filename>/etc/skel/</filename> directory."
++msgstr ""
++
++#: useradd.8.xml:344(para)
++msgid ""
++"You may not add a user to a NIS group. This must be performed on the NIS "
++"server."
++msgstr ""
++
++#: useradd.8.xml:349(para)
++msgid ""
++"Similarly, if the username already exists in an external user database such "
++"as NIS, <command>useradd</command> will deny the user account creation "
++"request."
++msgstr ""
++
++#: useradd.8.xml:355(para)
++msgid ""
++"Usernames must begin with a lower case letter or an underscore, and only "
++"lower case letters, underscores, dashes, and dollar signs may follow. In "
++"regular expression terms: [a-z_][a-z0-9_-]*[$]"
++msgstr ""
++
++#: useradd.8.xml:384(filename)
++msgid "/etc/default/useradd"
++msgstr "/etc/default/useradd"
++
++# type: Plain text
++#: useradd.8.xml:386(para)
++#, fuzzy
++msgid "Default values for account creation."
++msgstr "Verschlüsselte Informationen zu den Benutzerkonten."
++
++#: useradd.8.xml:390(filename)
++msgid "/etc/skel/"
++msgstr "/etc/skel/"
++
++#: useradd.8.xml:392(para)
++msgid "Directory containing default files."
++msgstr ""
++
++#: useradd.8.xml:428(replaceable) shadow.3.xml:6(manvolnum)
++#: pwck.8.xml:209(replaceable) passwd.1.xml:363(replaceable)
++#: grpck.8.xml:152(replaceable) groupmod.8.xml:124(replaceable)
++#: groupadd.8.xml:171(replaceable)
++msgid "3"
++msgstr "3"
++
++#: useradd.8.xml:430(para) passwd.1.xml:383(para) groupmod.8.xml:126(para)
++#: groupadd.8.xml:173(para)
++msgid "invalid argument to option"
++msgstr "ungültiges Argument für Option"
++
++#: useradd.8.xml:434(replaceable) pwck.8.xml:215(replaceable)
++#: passwd.1.xml:369(replaceable) grpck.8.xml:158(replaceable)
++#: groupmod.8.xml:130(replaceable) groupadd.8.xml:177(replaceable)
++msgid "4"
++msgstr "4"
++
++#: useradd.8.xml:436(para)
++msgid "UID already in use (and no <option>-o</option>)"
++msgstr ""
++
++#: useradd.8.xml:442(para) groupmod.8.xml:132(para) groupmod.8.xml:138(para)
++#: groupdel.8.xml:80(para)
++msgid "specified group doesn't exist"
++msgstr ""
++
++#: useradd.8.xml:446(replaceable) groupmod.8.xml:142(replaceable)
++#: groupadd.8.xml:183(replaceable)
++msgid "9"
++msgstr "9"
++
++#: useradd.8.xml:448(para)
++msgid "username already in use"
++msgstr ""
++
++#: useradd.8.xml:460(para)
++msgid "can't create home directory"
++msgstr ""
++
++#: useradd.8.xml:464(replaceable)
++msgid "13"
++msgstr "13"
++
++#: useradd.8.xml:466(para)
++msgid "can't create mail spool"
++msgstr ""
++
++#: useradd.8.xml:406(para)
++#, fuzzy
++msgid ""
++"The <command>useradd</command> command exits with the following values: "
++"<placeholder-1/>"
++msgstr ""
++"Der Befehl <command>passwd</command> gibt beim Beenden folgende Werte "
++"zurück: <placeholder-1/>"
++
++#: useradd.8.xml:475(para)
++msgid ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>crypt</"
++"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>crypt</"
++"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++
++#: suauth.5.xml:5(refentrytitle) suauth.5.xml:10(refname)
++msgid "suauth"
++msgstr "suauth"
++
++#: suauth.5.xml:6(manvolnum) shadow.5.xml:6(manvolnum)
++#: pwck.8.xml:221(replaceable) porttime.5.xml:6(manvolnum)
++#: passwd.5.xml:6(manvolnum) passwd.1.xml:375(replaceable)
++#: login.defs.5.xml:6(manvolnum) login.access.5.xml:6(manvolnum)
++#: limits.5.xml:6(manvolnum) gshadow.5.xml:6(manvolnum)
++#: grpck.8.xml:164(replaceable) faillog.5.xml:6(manvolnum)
++msgid "5"
++msgstr "5"
++
++#: suauth.5.xml:7(refmiscinfo) shadow.5.xml:7(refmiscinfo)
++#: porttime.5.xml:7(refmiscinfo) passwd.5.xml:7(refmiscinfo)
++#: login.defs.5.xml:7(refmiscinfo) login.access.5.xml:7(refmiscinfo)
++#: limits.5.xml:7(refmiscinfo) gshadow.5.xml:7(refmiscinfo)
++#: faillog.5.xml:7(refmiscinfo)
++msgid "File Formats and Conversions"
++msgstr ""
++
++#: suauth.5.xml:11(refpurpose)
++msgid "detailed su control file"
++msgstr ""
++
++#: suauth.5.xml:16(command) suauth.5.xml:142(filename)
++msgid "/etc/suauth"
++msgstr "/etc/suauth"
++
++#: suauth.5.xml:22(para)
++msgid ""
++"The file <filename>/etc/suauth</filename> is referenced whenever the su "
++"command is called. It can change the behaviour of the su command, based upon:"
++msgstr ""
++
++#. .RS
++#: suauth.5.xml:29(literallayout)
++#, no-wrap
++msgid ""
++"\n"
++"      1) the user su is targetting\n"
++"    "
++msgstr ""
++
++#. .fi
++#: suauth.5.xml:33(para)
++msgid ""
++"2) the user executing the su command (or any groups he might be a member of)"
++msgstr ""
++
++#: suauth.5.xml:38(para)
++msgid ""
++"The file is formatted like this, with lines starting with a # being treated "
++"as comment lines and ignored;"
++msgstr ""
++
++#: suauth.5.xml:43(literallayout)
++#, no-wrap
++msgid ""
++"\n"
++"      to-id:from-id:ACTION\n"
++"    "
++msgstr ""
++
++#: suauth.5.xml:47(para)
++msgid ""
++"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
++"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
++"a list of usernames delimited by \",\""
++msgstr ""
++
++#: suauth.5.xml:53(para)
++msgid ""
++"from-id is formatted the same as to-id except the extra word "
++"<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
++"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
++"appears one or more group names, delimited by \",\". It is not sufficient to "
++"have primary group id of the relevant group, an entry in "
++"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
++"manvolnum></citerefentry> is neccessary."
++msgstr ""
++
++#: suauth.5.xml:64(para)
++msgid "Action can be one only of the following currently supported options."
++msgstr ""
++
++#: suauth.5.xml:70(emphasis)
++msgid "DENY"
++msgstr "DENY"
++
++#: suauth.5.xml:73(para)
++msgid "The attempt to su is stopped before a password is even asked for."
++msgstr ""
++
++#: suauth.5.xml:80(emphasis)
++msgid "NOPASS"
++msgstr "NOPASS"
++
++#: suauth.5.xml:83(para)
++msgid ""
++"The attempt to su is automatically successful; no password is asked for."
++msgstr ""
++
++#: suauth.5.xml:91(emphasis)
++msgid "OWNPASS"
++msgstr "OWNPASS"
++
++#: suauth.5.xml:94(para)
++msgid ""
++"For the su command to be successful, the user must enter his or her own "
++"password. They are told this."
++msgstr ""
++
++#: suauth.5.xml:102(para)
++msgid ""
++"Note there are three separate fields delimited by a colon. No whitespace "
++"must surround this colon. Also note that the file is examined sequentially "
++"line by line, and the first applicable rule is used without examining the "
++"file further. This makes it possible for a system administrator to exercise "
++"as fine control as he or she wishes."
++msgstr ""
++
++#: suauth.5.xml:112(title)
++msgid "EXAMPLE"
++msgstr ""
++
++#: suauth.5.xml:113(literallayout)
++#, no-wrap
++msgid ""
++"\n"
++"      # sample /etc/suauth file\n"
++"      #\n"
++"      # A couple of privileged usernames may\n"
++"      # su to root with their own password.\n"
++"      #\n"
++"      root:chris,birddog:OWNPASS\n"
++"      #\n"
++"      # Anyone else may not su to root unless in\n"
++"      # group wheel. This is how BSD does things.\n"
++"      #\n"
++"      root:ALL EXCEPT GROUP wheel:DENY\n"
++"      #\n"
++"      # Perhaps terry and birddog are accounts\n"
++"      # owned by the same person.\n"
++"      # Access can be arranged between them\n"
++"      # with no password.\n"
++"      #\n"
++"      terry:birddog:NOPASS\n"
++"      birddog:terry:NOPASS\n"
++"      #\n"
++"    "
++msgstr ""
++
++#: suauth.5.xml:149(title) pwconv.8.xml:98(title) login.defs.5.xml:239(title)
++msgid "BUGS"
++msgstr ""
++
++#: suauth.5.xml:150(para)
++msgid ""
++"There could be plenty lurking. The file parser is particularly unforgiving "
++"about syntax errors, expecting no spurious whitespace (apart from beginning "
++"and end of lines), and a specific token delimiting different things."
++msgstr ""
++
++#: suauth.5.xml:159(title) shadow.3.xml:154(title)
++msgid "DIAGNOSTICS"
++msgstr ""
++
++#: suauth.5.xml:160(para)
++msgid ""
++"An error parsing the file is reported using "
++"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry> as level ERR on facility AUTH."
++msgstr ""
++
++#: suauth.5.xml:169(para)
++msgid ""
++"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>."
++
++#: su.1.xml:5(refentrytitle) su.1.xml:10(refname) su.1.xml:15(command)
++msgid "su"
++msgstr "su"
++
++#: su.1.xml:7(refmiscinfo) sg.1.xml:7(refmiscinfo) passwd.1.xml:7(refmiscinfo)
++#: newgrp.1.xml:7(refmiscinfo) login.1.xml:7(refmiscinfo)
++#: groups.1.xml:7(refmiscinfo) gpasswd.1.xml:7(refmiscinfo)
++#: expiry.1.xml:7(refmiscinfo) chsh.1.xml:7(refmiscinfo)
++#: chfn.1.xml:7(refmiscinfo) chage.1.xml:7(refmiscinfo)
++msgid "User Commands"
++msgstr "Dienstprogramme für Benutzer"
++
++#: su.1.xml:11(refpurpose)
++msgid "change user ID or become superuser"
++msgstr ""
++
++#: su.1.xml:29(para)
++msgid ""
++"The <command>su</command> command is used to become another user during a "
++"login session. Invoked without a <option>username</option>, <command>su</"
++"command> defaults to becoming the superuser. The optional argument <option>-"
++"</option> may be used to provide an environment similar to what the user "
++"would expect had the user logged in directly."
++msgstr ""
++
++#: su.1.xml:38(para)
++msgid ""
++"Additional arguments may be provided after the username, in which case they "
++"are supplied to the user's login shell. In particular, an argument of "
++"<option>-c</option> will cause the next argument to be treated as a command "
++"by most command interpreters. The command will be executed by the shell "
++"specified in <filename>/etc/passwd</filename> for the target user."
++msgstr ""
++
++#: su.1.xml:47(para)
++msgid ""
++"You can use the <option>--</option> argument to separate <command>su</"
++"command> options from the arguments supplied to the shell."
++msgstr ""
++
++#: su.1.xml:52(para)
++msgid ""
++"The user will be prompted for a password, if appropriate. Invalid passwords "
++"will produce an error message. All attempts, both valid and invalid, are "
++"logged to detect abuse of the system."
++msgstr ""
++
++#: su.1.xml:57(para)
++msgid ""
++"The current environment is passed to the new shell. The value of <envar>"
++"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
++"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
++"superuser. This may be changed with the <emphasis>ENV_PATH</emphasis> and "
++"<emphasis>ENV_SUPATH</emphasis> definitions in <filename>/etc/login.defs</"
++"filename>."
++msgstr ""
++
++#: su.1.xml:66(para) login.1.xml:97(para)
++msgid ""
++"A subsystem login is indicated by the presence of a \"*\" as the first "
++"character of the login shell. The given home directory will be used as the "
++"root of a new file system which the user is actually logged into."
++msgstr ""
++
++#: su.1.xml:75(para)
++#, fuzzy
++msgid "The options which apply to the <command>su</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: su.1.xml:79(term)
++#, fuzzy
++msgid ""
++"<option>-c</option>, <option>--command</option><replaceable>COMMAND</"
++"replaceable>"
++msgstr ""
++"<option>-m</option>, <option>--mindays</option><replaceable>MIN_TAGE</"
++"replaceable>"
++
++#: su.1.xml:84(para)
++msgid ""
++"Specify a command that will be invoked by the shell using its <option>-c</"
++"option>."
++msgstr ""
++
++#: su.1.xml:91(term)
++msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
++msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
++
++#: su.1.xml:95(para)
++msgid ""
++"Provide an environment similar to what the user would expect had the user "
++"logged in directly."
++msgstr ""
++
++#: su.1.xml:99(para)
++msgid ""
++"When <option>-</option> is used, it must be specified as the last "
++"<command>su</command> option. The other forms (<option>-l</option> and "
++"<option>--login</option>) do not have this restriction."
++msgstr ""
++
++#: su.1.xml:113(para)
++msgid "The shell that will be invoked."
++msgstr ""
++
++#: su.1.xml:118(para)
++msgid "The shell specified with --shell."
++msgstr ""
++
++#: su.1.xml:121(para)
++msgid ""
++"If <option>--preserve-environment</option> is used, the shell specified by "
++"the <envar>$SHELL</envar> environment variable."
++msgstr ""
++
++#: su.1.xml:128(para)
++msgid ""
++"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
++"target user."
++msgstr ""
++
++#: su.1.xml:134(para)
++msgid ""
++"<filename>/bin/sh</filename> if a shell could not be found by any above "
++"method."
++msgstr ""
++
++#: su.1.xml:114(para)
++msgid ""
++"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
++msgstr ""
++
++#: su.1.xml:141(para)
++msgid ""
++"If the target user has a restricted shell (i.e. the shell field of this "
++"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
++"etc/shell</filename>), then the <option>--shell</option> option or the "
++"<envar>$SHELL</envar> environment variable won't be taken into account, "
++"unless <command>su</command> is called by root."
++msgstr ""
++
++#: su.1.xml:152(term)
++msgid ""
++"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
++"option>"
++msgstr ""
++"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
++"option>"
++
++#: su.1.xml:157(para)
++msgid "Preserve the current environment."
++msgstr ""
++
++#: su.1.xml:158(para)
++msgid ""
++"If the target user has a restricted shell, this option has no effect (unless "
++"<command>su</command> is called by root)."
++msgstr ""
++
++#: su.1.xml:169(para)
++msgid ""
++"This version of <command>su</command> has many compilation options, only "
++"some of which may be in use at any particular site."
++msgstr ""
++
++#: su.1.xml:195(para)
++msgid ""
++"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
++"manvolnum></citerefentry>"
++msgstr ""
++"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
++"manvolnum></citerefentry>"
++
++#: sg.1.xml:5(refentrytitle) sg.1.xml:10(refname) sg.1.xml:16(command)
++msgid "sg"
++msgstr "sg"
++
++#: sg.1.xml:11(refpurpose)
++msgid "execute command as different group ID"
++msgstr ""
++
++#: sg.1.xml:17(arg) newgrp.1.xml:16(arg)
++msgid "-"
++msgstr "-"
++
++#: sg.1.xml:19(arg) expiry.1.xml:17(arg)
++msgid "-c"
++msgstr "-c"
++
++#: sg.1.xml:18(arg)
++msgid "group <placeholder-1/> command"
++msgstr ""
++
++#: sg.1.xml:27(para)
++msgid ""
++"The <command>sg</command> command works similar to <command>newgrp</command> "
++"but accepts a command. The command will be executed with the <filename>/bin/"
++"sh</filename> shell. With most shells you may run <command>sg</command> "
++"from, you need to enclose multi-word commands in quotes. Another difference "
++"between <command>newgrp</command> and <command>sg</command> is that some "
++"shells treat <command>newgrp</command> specially, replacing themselves with "
++"a new instance of a shell that <command>newgrp</command> creates. This "
++"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
++"command> command you are returned to your previous group ID."
++msgstr ""
++
++#: sg.1.xml:74(para)
++msgid ""
++"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gshadow</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
++msgstr ""
++"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gshadow</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
++
++#: shadow.5.xml:5(refentrytitle) shadow.5.xml:10(refname)
++#: shadow.3.xml:5(refentrytitle) shadow.3.xml:10(refname)
++#: pwck.8.xml:24(replaceable) pwck.8.xml:37(replaceable)
++#: grpck.8.xml:19(replaceable)
++msgid "shadow"
++msgstr "shadow"
++
++#: shadow.5.xml:11(refpurpose)
++msgid "encrypted password file"
++msgstr ""
++
++#: shadow.5.xml:16(para)
++msgid ""
++"<emphasis remap=\"I\">shadow</emphasis> contains the encrypted password "
++"information for user's accounts and optional the password aging information. "
++"Included is:"
++msgstr ""
++
++#: shadow.5.xml:23(para) passwd.5.xml:24(para)
++msgid "login name"
++msgstr ""
++
++#: shadow.5.xml:26(para) gshadow.5.xml:26(para)
++msgid "encrypted password"
++msgstr ""
++
++#: shadow.5.xml:29(para)
++msgid "days since Jan 1, 1970 that password was last changed"
++msgstr ""
++
++#: shadow.5.xml:32(para)
++msgid "days before password may be changed"
++msgstr ""
++
++#: shadow.5.xml:35(para)
++msgid "days after which password must be changed"
++msgstr ""
++
++#: shadow.5.xml:38(para)
++msgid "days before password is to expire that user is warned"
++msgstr ""
++
++#: shadow.5.xml:41(para)
++msgid "days after password expires that account is disabled"
++msgstr ""
++
++#: shadow.5.xml:44(para)
++msgid "days since Jan 1, 1970 that account is disabled"
++msgstr ""
++
++#: shadow.5.xml:47(para)
++msgid "a reserved field"
++msgstr ""
++
++#: shadow.5.xml:51(para)
++msgid ""
++"The password field must be filled. The encrypted password consists of 13 to "
++"24 characters from the 64 characters alphabet a thru z, A thru Z, 0 thru 9, "
++"\\. and /. Optionally it can start with a \"$\" character. This means the "
++"encrypted password was generated using another (not DES) algorithm. For "
++"example if it starts with \"$1$\" it means the MD5-based algorithm was used."
++msgstr ""
++
++#: shadow.5.xml:60(para)
++msgid ""
++"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
++"manvolnum></citerefentry> for details on how this string is interpreted."
++msgstr ""
++
++#: shadow.5.xml:68(para)
++msgid ""
++"If the password field contains some string that is not valid result of "
++"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
++"citerefentry>, for instance ! or *, the user will not be able to use a unix "
++"password to log in, subject to <citerefentry><refentrytitle>pam</"
++"refentrytitle><manvolnum>7</manvolnum></citerefentry>."
++msgstr ""
++
++#: shadow.5.xml:77(para)
++msgid ""
++"The date of the last password change is given as the number of days since "
++"Jan 1, 1970. The password may not be changed again until the proper number "
++"of days have passed, and must be changed after the maximum number of days. "
++"If the minimum number of days required is greater than the maximum number of "
++"day allowed, this password may not be changed by the user."
++msgstr ""
++
++#: shadow.5.xml:86(para)
++msgid ""
++"An account is considered to be inactive and is disabled if the password is "
++"not changed within the specified number of days after the password expires. "
++"An account will also be disabled on the specified day regardless of other "
++"password expiration information."
++msgstr ""
++
++#: shadow.5.xml:93(para)
++msgid ""
++"This information supersedes any password or password age information present "
++"in <filename>/etc/passwd</filename>."
++msgstr ""
++
++#: shadow.5.xml:98(para) gshadow.5.xml:54(para)
++msgid ""
++"This file must not be readable by regular users if password security is to "
++"be maintained."
++msgstr ""
++
++#: shadow.5.xml:124(para)
++msgid ""
++"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>pwconv</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>pwconv</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++
++#: shadow.3.xml:7(refmiscinfo)
++msgid "Library Calls"
++msgstr ""
++
++#: shadow.3.xml:11(refname)
++msgid "getspnam"
++msgstr "getspnam"
++
++#: shadow.3.xml:12(refpurpose)
++msgid "encrypted password file routines"
++msgstr ""
++
++#: shadow.3.xml:16(title)
++msgid "SYNTAX"
++msgstr ""
++
++#: shadow.3.xml:18(emphasis)
++msgid "#include &lt;shadow.h&gt;"
++msgstr "#include &lt;shadow.h&gt;"
++
++#: shadow.3.xml:22(emphasis)
++msgid "struct spwd *getspent();"
++msgstr "struct spwd *getspent();"
++
++#: shadow.3.xml:26(emphasis)
++msgid "struct spwd *getspnam(char"
++msgstr "truct spwd *getspnam(char"
++
++#: shadow.3.xml:27(emphasis)
++msgid "*name"
++msgstr ""
++
++#: shadow.3.xml:27(emphasis) shadow.3.xml:40(emphasis)
++#: shadow.3.xml:45(emphasis) shadow.3.xml:51(emphasis)
++msgid ");"
++msgstr ");"
++
++#: shadow.3.xml:31(emphasis)
++msgid "void setspent();"
++msgstr "void setspent();"
++
++#: shadow.3.xml:35(emphasis)
++msgid "void endspent();"
++msgstr "void endspent();"
++
++#: shadow.3.xml:39(emphasis)
++msgid "struct spwd *fgetspent(FILE"
++msgstr "struct spwd *fgetspent(FILE"
++
++#: shadow.3.xml:40(emphasis) shadow.3.xml:51(emphasis)
++msgid "*fp"
++msgstr "*fp"
++
++#: shadow.3.xml:44(emphasis)
++msgid "struct spwd *sgetspent(char"
++msgstr "struct spwd *sgetspent(char"
++
++#: shadow.3.xml:45(emphasis)
++msgid "*cp"
++msgstr "*cp"
++
++#: shadow.3.xml:49(emphasis)
++msgid "int putspent(struct spwd"
++msgstr "int putspent(struct spwd"
++
++#: shadow.3.xml:50(emphasis)
++msgid "*p,"
++msgstr "*p,"
++
++#: shadow.3.xml:50(emphasis)
++#, fuzzy
++msgid "FILE"
++msgstr "DATEIEN"
++
++#: shadow.3.xml:55(emphasis)
++msgid "int lckpwdf();"
++msgstr "int lckpwdf();"
++
++#: shadow.3.xml:59(emphasis)
++msgid "int ulckpwdf();"
++msgstr "int ulckpwdf();"
++
++#: shadow.3.xml:65(para)
++msgid ""
++"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
++"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
++"<emphasis remap=\"I\">#include</emphasis> file is:"
++msgstr ""
++
++#: shadow.3.xml:70(programlisting)
++#, no-wrap
++msgid ""
++"struct spwd {\n"
++"      char\t\t*sp_namp; /* user login name */\n"
++"      char\t\t*sp_pwdp; /* encrypted password */\n"
++"      long int\t\tsp_lstchg; /* last password change */\n"
++"      long int\t\tsp_min; /* days until change allowed. */\n"
++"      long int\t\tsp_max; /* days before change required */\n"
++"      long int\t\tsp_warn; /* days warning for expiration */\n"
++"      long int\t\tsp_inact; /* days before account inactive */\n"
++"      long int\t\tsp_expire; /* date when account expires */\n"
++"      unsigned long int\tsp_flag; /* reserved for future use */\n"
++"}\n"
++"    "
++msgstr ""
++
++#: shadow.3.xml:82(para)
++msgid "The meanings of each field are:"
++msgstr ""
++
++#: shadow.3.xml:85(para)
++msgid "sp_namp - pointer to null-terminated user name"
++msgstr ""
++
++#: shadow.3.xml:88(para)
++msgid "sp_pwdp - pointer to null-terminated password"
++msgstr ""
++
++#: shadow.3.xml:91(para)
++msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
++msgstr ""
++
++#: shadow.3.xml:94(para)
++msgid "sp_min - days before which password may not be changed"
++msgstr ""
++
++#: shadow.3.xml:97(para)
++msgid "sp_max - days after which password must be changed"
++msgstr ""
++
++#: shadow.3.xml:100(para)
++msgid ""
++"sp_warn - days before password is to expire that user is warned of pending "
++"password expiration"
++msgstr ""
++
++#: shadow.3.xml:105(para)
++msgid ""
++"sp_inact - days after password expires that account is considered inactive "
++"and disabled"
++msgstr ""
++
++#: shadow.3.xml:110(para)
++msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
++msgstr ""
++
++#: shadow.3.xml:113(para)
++msgid "sp_flag - reserved for future use"
++msgstr ""
++
++#: shadow.3.xml:121(para)
++msgid ""
++"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
++"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
++"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
++"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
++"emphasis> returns the next entry from the given stream, which is assumed to "
++"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
++"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
++"input. <emphasis>getspnam</emphasis> searches from the current position in "
++"the file for an entry matching <emphasis>name</emphasis>."
++msgstr ""
++
++#: shadow.3.xml:134(para)
++msgid ""
++"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
++"to begin and end, respectively, access to the shadow password file."
++msgstr ""
++
++#: shadow.3.xml:140(para)
++msgid ""
++"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
++"should be used to insure exclusive access to the <filename>/etc/shadow</"
++"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
++"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
++"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
++"the remainder of the initial 15 seconds. Should either attempt fail after a "
++"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
++"locks are acquired 0 is returned."
++msgstr ""
++
++#: shadow.3.xml:155(para)
++msgid ""
++"Routines return NULL if no more entries are available or if an error occurs "
++"during processing. Routines which have <emphasis>int</emphasis> as the "
++"return value return 0 for success and -1 for failure."
++msgstr ""
++
++#: shadow.3.xml:165(para)
++msgid ""
++"These routines may only be used by the superuser as access to the shadow "
++"password file is restricted."
++msgstr ""
++
++#: shadow.3.xml:185(para)
++msgid ""
++"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
++
++#: pwconv.8.xml:5(refentrytitle) pwconv.8.xml:10(refname)
++#: pwconv.8.xml:19(command) login.defs.5.xml:204(term)
++msgid "pwconv"
++msgstr "pwconv"
++
++#: pwconv.8.xml:11(refname) pwconv.8.xml:22(command)
++msgid "pwunconv"
++msgstr "pwunconv"
++
++#: pwconv.8.xml:12(refname) pwconv.8.xml:25(command)
++msgid "grpconv"
++msgstr "grpconv"
++
++#: pwconv.8.xml:13(refname) pwconv.8.xml:28(command)
++msgid "grpunconv"
++msgstr "grpunconv"
++
++#: pwconv.8.xml:14(refpurpose)
++msgid "convert to and from shadow passwords and groups"
++msgstr ""
++
++#: pwconv.8.xml:34(para)
++msgid ""
++"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
++"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
++"existing <emphasis remap=\"I\">shadow</emphasis>."
++msgstr ""
++
++#: pwconv.8.xml:40(para)
++msgid ""
++"The <command>pwunconv</command> command creates <emphasis remap=\"I"
++"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
++"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
++"\">shadow</emphasis>."
++msgstr ""
++
++#: pwconv.8.xml:47(para)
++msgid ""
++"The <command>grpconv</command> command creates <emphasis remap=\"I"
++"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
++"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
++msgstr ""
++
++#: pwconv.8.xml:53(para)
++msgid ""
++"The <command>grpunconv</command> command creates <emphasis remap=\"I"
++"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
++"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
++"\">gshadow</emphasis>."
++msgstr ""
++
++#: pwconv.8.xml:60(para)
++msgid ""
++"These four programs all operate on the normal and shadow password and group "
++"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
++"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
++msgstr ""
++
++#: pwconv.8.xml:67(para)
++msgid ""
++"Each program acquires the necessary locks before conversion. "
++"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
++"entries in the shadowed file which don't exist in the main file are removed. "
++"Then, shadowed entries which don't have `x' as the password in the main file "
++"are updated. Any missing shadowed entries are added. Finally, passwords in "
++"the main file are replaced with `x'. These programs can be used for initial "
++"conversion as well to update the shadowed file if the main file is edited by "
++"hand."
++msgstr ""
++
++#: pwconv.8.xml:78(para)
++msgid ""
++"<command>pwconv</command> will use the values of <emphasis remap=\"I"
++"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
++"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
++"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
++msgstr ""
++
++#: pwconv.8.xml:87(para)
++msgid ""
++"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
++"similar. Passwords in the main file are updated from the shadowed file. "
++"Entries which exist in the main file but not in the shadowed file are left "
++"alone. Finally, the shadowed file is removed. Some password aging "
++"information is lost by <command>pwunconv</command>. It will convert what it "
++"can."
++msgstr ""
++
++#: pwconv.8.xml:99(para)
++msgid ""
++"Errors in the password or group files (such as invalid or duplicate entries) "
++"may cause these programs to loop forever or fail in other strange ways. "
++"Please run <command>pwck</command> and <command>grpck</command> to correct "
++"any such errors before converting to or from shadow passwords or groups."
++msgstr ""
++
++#: pwconv.8.xml:122(para)
++msgid ""
++"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
++"citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
++"citerefentry>."
++
++#: pwck.8.xml:5(refentrytitle) pwck.8.xml:10(refname) pwck.8.xml:16(command)
++#: pwck.8.xml:29(command)
++msgid "pwck"
++msgstr "pwck"
++
++#: pwck.8.xml:11(refpurpose)
++msgid "verify integrity of password files"
++msgstr ""
++
++#: pwck.8.xml:17(arg) pwck.8.xml:30(arg) pwck.8.xml:103(option)
++msgid "-q"
++msgstr "-q"
++
++#: pwck.8.xml:18(arg) pwck.8.xml:124(option)
++msgid "-s"
++msgstr "-s"
++
++#: pwck.8.xml:21(replaceable) pwck.8.xml:34(replaceable)
++#: passwd.5.xml:5(refentrytitle) passwd.5.xml:10(refname)
++#: passwd.1.xml:5(refentrytitle) passwd.1.xml:10(refname)
++#: passwd.1.xml:16(command)
++msgid "passwd"
++msgstr "passwd"
++
++#: pwck.8.xml:31(arg) pwck.8.xml:114(option) login.1.xml:148(option)
++#: grpck.8.xml:16(arg)
++msgid "-r"
++msgstr "-r"
++
++#: pwck.8.xml:45(para)
++msgid ""
++"The <command>pwck</command> command verifies the integrity of the system "
++"authentication information. All entries in the <filename>/etc/passwd</"
++"filename> and <filename>/etc/shadow</filename> are checked to see that the "
++"entry has the proper format and valid data in each field. The user is "
++"prompted to delete entries that are improperly formatted or which have other "
++"uncorrectable errors."
++msgstr ""
++
++#: pwck.8.xml:54(para) grpck.8.xml:35(para)
++msgid "Checks are made to verify that each entry has:"
++msgstr ""
++
++#: pwck.8.xml:57(para) grpck.8.xml:39(para)
++msgid "the correct number of fields"
++msgstr ""
++
++#: pwck.8.xml:60(para)
++msgid "a unique user name"
++msgstr ""
++
++#: pwck.8.xml:63(para)
++msgid "a valid user and group identifier"
++msgstr ""
++
++#: pwck.8.xml:66(para)
++msgid "a valid primary group"
++msgstr ""
++
++#: pwck.8.xml:69(para)
++msgid "a valid home directory"
++msgstr ""
++
++#: pwck.8.xml:72(para)
++msgid "a valid login shell"
++msgstr ""
++
++#: pwck.8.xml:76(para)
++msgid ""
++"The checks for correct number of fields and unique user name are fatal. If "
++"the entry has the wrong number of fields, the user will be prompted to "
++"delete the entire line. If the user does not answer affirmatively, all "
++"further checks are bypassed. An entry with a duplicated user name is "
++"prompted for deletion, but the remaining checks will still be made. All "
++"other errors are warning and the user is encouraged to run the "
++"<command>usermod</command> command to correct the error."
++msgstr ""
++
++#: pwck.8.xml:87(para)
++msgid ""
++"The commands which operate on the <filename>/etc/passwd</filename> file are "
++"not able to alter corrupted or duplicated entries. <command>pwck</command> "
++"should be used in those circumstances to remove the offending entry."
++msgstr ""
++
++#: pwck.8.xml:97(para)
++#, fuzzy
++msgid "The options which apply to the <command>pwck</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: pwck.8.xml:106(para)
++msgid ""
++"Report errors only. The warnings which do not require any action from the "
++"user won't be displayed."
++msgstr ""
++
++#: pwck.8.xml:117(para)
++#, fuzzy
++msgid "Execute the <command>pwck</command> command in read-only mode."
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: pwck.8.xml:127(para)
++msgid ""
++"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
++"filename> by UID."
++msgstr ""
++
++#: pwck.8.xml:135(para)
++msgid ""
++"By default, <command>pwck</command> operates on the files <filename>/etc/"
++"passwd</filename> and <filename>/etc/shadow</filename>. The user may select "
++"alternate files with the <emphasis remap=\"I\">passwd</emphasis> and "
++"<emphasis remap=\"I\">shadow</emphasis> parameters."
++msgstr ""
++
++#: pwck.8.xml:170(para)
++msgid ""
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>usermod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>usermod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++
++#: pwck.8.xml:205(para)
++msgid "one or more bad password entries"
++msgstr ""
++
++#: pwck.8.xml:211(para)
++#, fuzzy
++msgid "can't open password files"
++msgstr "ändert das Passwort eines Benutzers"
++
++#: pwck.8.xml:217(para)
++msgid "can't lock password files"
++msgstr ""
++
++#: pwck.8.xml:223(para)
++#, fuzzy
++msgid "can't update password files"
++msgstr "ändert das Passwort eines Benutzers"
++
++#: pwck.8.xml:187(para)
++#, fuzzy
++msgid ""
++"The <command>pwck</command> command exits with the following values: "
++"<placeholder-1/>"
++msgstr ""
++"Der Befehl <command>passwd</command> gibt beim Beenden folgende Werte "
++"zurück: <placeholder-1/>"
++
++#: porttime.5.xml:5(refentrytitle) porttime.5.xml:10(refname)
++msgid "porttime"
++msgstr ""
++
++#: porttime.5.xml:11(refpurpose)
++msgid "port access time file"
++msgstr ""
++
++#: porttime.5.xml:16(para)
++msgid ""
++"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
++"user names, and permitted login times."
++msgstr ""
++
++#: porttime.5.xml:21(para)
++msgid ""
++"Each entry consists of three colon separated fields. The first field is a "
++"comma separated list of tty devices, or an asterisk to indicate that all tty "
++"devices are matched by this entry. The second field is a comma separated "
++"list of user names, or an asterisk to indicated that all user names are "
++"matched by this entry. The third field is a comma separated list of "
++"permitted access times."
++msgstr ""
++
++#: porttime.5.xml:30(para)
++msgid ""
++"Each access time entry consists of zero or more days of the week, "
++"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
++"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
++"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
++"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
++"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
++"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
++msgstr ""
++
++#: porttime.5.xml:44(title)
++#, fuzzy
++msgid "EXAMPLES"
++msgstr "RÜCKGABEWERTE"
++
++#: porttime.5.xml:45(para)
++msgid ""
++"The following entry allows access to user <emphasis remap=\"B\">jfh</"
++"emphasis> on every port during weekdays from 9am to 5pm."
++msgstr ""
++
++#: porttime.5.xml:51(para)
++msgid "*:jfh:Wk0900-1700"
++msgstr "*:jfh:Wk0900-1700"
++
++#: porttime.5.xml:53(para)
++msgid ""
++"The following entries allow access only to the users <emphasis>root</"
++"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
++"at any time. This illustrates how the <filename>/etc/porttime</filename> "
++"file is an ordered list of access times. Any other user would match the "
++"second entry which does not permit access at any time."
++msgstr ""
++
++#: porttime.5.xml:62(programlisting)
++#, no-wrap
++msgid ""
++"\n"
++"      console:root,oper:Al0000-2400\n"
++"      console:*:\n"
++"    "
++msgstr ""
++"\n"
++"      console:root,oper:Al0000-2400\n"
++"      console:*:\n"
++"    "
++
++#: porttime.5.xml:67(para)
++msgid ""
++"The following entry allows access for the user <emphasis>games</emphasis> on "
++"any port during non-working hours."
++msgstr ""
++
++#: porttime.5.xml:72(para)
++msgid "*:games:Wk1700-0900,SaSu0000-2400"
++msgstr ""
++
++#: porttime.5.xml:79(filename) logoutd.8.xml:38(filename)
++msgid "/etc/porttime"
++msgstr "/etc/porttime"
++
++#: porttime.5.xml:81(para) logoutd.8.xml:40(para)
++msgid "File containing port access."
++msgstr ""
++
++#: porttime.5.xml:89(para) login.access.5.xml:79(para)
++msgid ""
++"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>."
++
++#: passwd.5.xml:11(refpurpose)
++msgid "the password file"
++msgstr ""
++
++#: passwd.5.xml:16(para)
++msgid ""
++"<filename>/etc/passwd</filename> contains one line for each user account, "
++"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
++msgstr ""
++
++#: passwd.5.xml:27(para)
++msgid "optional encrypted password"
++msgstr ""
++
++#: passwd.5.xml:30(para)
++msgid "numerical user ID"
++msgstr ""
++
++#: passwd.5.xml:33(para)
++msgid "numerical group ID"
++msgstr ""
++
++#: passwd.5.xml:36(para)
++msgid "user name or comment field"
++msgstr ""
++
++#: passwd.5.xml:39(para)
++msgid "user home directory"
++msgstr ""
++
++#: passwd.5.xml:42(para)
++msgid "optional user command interpreter"
++msgstr ""
++
++#: passwd.5.xml:46(para)
++msgid ""
++"The encrypted password field may be blank, in which case no password is "
++"required to authenticate as the specified login name. However, some "
++"applications which read the <filename>/etc/passwd</filename> file may decide "
++"not to permit <emphasis>any</emphasis> access at all if the "
++"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
++"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
++"password is actually stored in the <citerefentry><refentrytitle>shadow</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
++"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
++"shadow</filename> file, or else the user account is invalid. If the "
++"<emphasis>password</emphasis> field is any other string, then it will be "
++"treated as an encrypted password, as specified by "
++"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
++"citerefentry>."
++msgstr ""
++
++#: passwd.5.xml:65(para)
++msgid ""
++"The comment field is used by various system utilities, such as "
++"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>."
++msgstr ""
++
++#: passwd.5.xml:71(para)
++msgid ""
++"The home directory field provides the name of the initial working directory. "
++"The <command>login</command> program uses this information to set the value "
++"of the <envar>$HOME</envar> environmental variable."
++msgstr ""
++
++#: passwd.5.xml:77(para)
++msgid ""
++"The command interpreter field provides the name of the user's command "
++"language interpreter, or the name of the initial program to execute. The "
++"<command>login</command> program uses this information to set the value of "
++"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
++"defaults to the value <filename>/bin/sh</filename>."
++msgstr ""
++
++#: passwd.5.xml:98(para)
++msgid "optional encrypted password file"
++msgstr ""
++
++#: passwd.5.xml:106(para)
++msgid ""
++"<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
++"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
++"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++
++#: passwd.1.xml:11(refpurpose)
++msgid "change user password"
++msgstr "ändert das Passwort eines Benutzers"
++
++#: passwd.1.xml:28(para)
++#, fuzzy
++msgid ""
++"The <command>passwd</command> command changes passwords for user accounts. A "
++"normal user may only change the password for his/her own account, while the "
++"superuser may change the password for any account. <command>passwd</command> "
++"also changes account information, such as the full name of the user, the "
++"user's login shell, or his/her password expiry date and interval."
++msgstr ""
++"<command>passwd</command> ändert die Passwörter von Benutzerkonten. Ein "
++"normaler Benutzer kann nur das Passwort seines Kontos verändern, der "
++"Superuser dagegen kann die Passwörter aller Konten ändern. Mit "
++"<command>passwd</command> können auch die Informationen über das Konto wie "
++"der vollständige Name des Benutzers, seine Login-Shell und Verfallsdatum und "
++"-intervall des Passworts verändert werden."
++
++#: passwd.1.xml:38(title)
++msgid "Password Changes"
++msgstr "Verändern des Passworts"
++
++#: passwd.1.xml:39(para)
++#, fuzzy
++msgid ""
++"The user is first prompted for his/her old password, if one is present. This "
++"password is then encrypted and compared against the stored password. The "
++"user has only one chance to enter the correct password. The superuser is "
++"permitted to bypass this step so that forgotten passwords may be changed."
++msgstr ""
++"Der Benutzer wird zuerst nach seinem alten Passwort gefragt, falls eines "
++"vorhanden ist. Dieses Passwort wird dann verschlüsselt und mit dem "
++"abgespeicherten Passwort verglichen. Der Benutzer hat nur eine Gelegenheit, "
++"das richtige Passwort einzugeben. Der Superuser kann diesen Schritt "
++"überspringen, so dass vergessene Passwörter geändert werden können."
++
++#: passwd.1.xml:47(para)
++msgid ""
++"After the password has been entered, password aging information is checked "
++"to see if the user is permitted to change the password at this time. If not, "
++"<command>passwd</command> refuses to change the password and exits."
++msgstr ""
++"Nachdem das Passwort eingegeben wurde, werden Informationen über die "
++"Gültigkeitsdauer des Passworts abgefragt, um festzustellen, ob der Benutzer "
++"das Passwort zu dieser Zeit verändern darf. Wenn nicht, lehnt "
++"<command>passwd</command> die Änderung des Passworts ab und beendet sich."
++
++#: passwd.1.xml:54(para)
++msgid ""
++"The user is then prompted twice for a replacement password. The second entry "
++"is compared against the first and both are required to match in order for "
++"the password to be changed."
++msgstr ""
++"Der Benutzer wird dann aufgefordert, zweimal ein neues Passwort einzugeben. "
++"Beide Eingaben werden miteinander verglichen. Sie müssen übereinstimmen, "
++"damit das Passwort geändert wird."
++
++#: passwd.1.xml:60(para)
++msgid ""
++"Then, the password is tested for complexity. As a general guideline, "
++"passwords should consist of 6 to 8 characters including one or more "
++"characters from each of the following sets:"
++msgstr ""
++"Anschließend wird das Passwort auf seine Komplexität überprüft. Eine "
++"allgemeine Richtlinie ist, dass Passwörter aus sechs bis acht Zeichen "
++"bestehen sollten und ein oder mehrere Zeichen aus folgenden Mengen enthalten "
++"sollten:"
++
++#: passwd.1.xml:68(para)
++msgid "lower case alphabetics"
++msgstr "Kleinbuchstaben"
++
++#: passwd.1.xml:71(para)
++msgid "digits 0 thru 9"
++msgstr "Ziffern 0 bis 9"
++
++#: passwd.1.xml:74(para)
++msgid "punctuation marks"
++msgstr "Satzzeichen"
++
++#: passwd.1.xml:78(para)
++msgid ""
++"Care must be taken not to include the system default erase or kill "
++"characters. <command>passwd</command> will reject any password which is not "
++"suitably complex."
++msgstr ""
++"Seien Sie vorsichtig, dass Sie nicht die standardmäßigen Lösch- und Kill-"
++"Zeichen des Systems eingeben. <command>passwd</command> weist Passwörter "
++"zurück, die nicht hinreichend komplex sind."
++
++#: passwd.1.xml:87(title)
++msgid "Hints for user passwords"
++msgstr "Hinweise zu Benutzerpasswörtern"
++
++#: passwd.1.xml:88(para)
++msgid ""
++"The security of a password depends upon the strength of the encryption "
++"algorithm and the size of the key space. The <emphasis>UNIX</emphasis> "
++"System encryption method is based on the NBS DES algorithm and is very "
++"secure. The size of the key space depends upon the randomness of the "
++"password which is selected."
++msgstr ""
++"Die Sicherheit eines Passworts hängt von der Stärke des "
++"Verschlüsselungsalgorithmus und von der Größe des Schlüsselraums ab. Die "
++"Verschlüsselung auf <emphasis>UNIX</emphasis>-Systemen basiert auf dem NBS-"
++"DES-Algorithmus und ist sehr sicher. Die Größe des Schlüsselraums hängt von "
++"der Zufälligkeit des gewählten Passworts ab."
++
++#: passwd.1.xml:96(para)
++msgid ""
++"Compromises in password security normally result from careless password "
++"selection or handling. For this reason, you should not select a password "
++"which appears in a dictionary or which must be written down. The password "
++"should also not be a proper name, your license number, birth date, or street "
++"address. Any of these may be used as guesses to violate system security."
++msgstr ""
++"Gefahren für die Sicherheit von Passwörtern kommen gewöhnlich von sorgloser "
++"Wahl oder Handhabung des Passworts. Daher sollten Sie kein Passwort wählen, "
++"das in einem Wörterbuch auftaucht oder das aufgeschrieben werden muss. Das "
++"Passwort sollte somit kein echter Name, Ihr Autokennzeichen, Geburtstag oder "
++"Ihre Adresse sein. All das kann dazu verwendet werden, das Passwort zu "
++"erraten, und stellt daher eine Gefahr für die Sicherheit Ihres Systems dar."
++
++#: passwd.1.xml:105(para)
++msgid ""
++"Your password must be easily remembered so that you will not be forced to "
++"write it on a piece of paper. This can be accomplished by appending two "
++"small words together and separating each with a special character or digit. "
++"For example, Pass%word."
++msgstr ""
++"Sie müssen sich Ihr Passwort leicht merken können, damit Sie nicht gezwungen "
++"sind, es auf ein Stück Papier aufzuschreiben. Das können Sie dadurch "
++"erreichen, indem zwei kurze Wörter zusammengefügt werden und mit einem "
++"besonderen Zeichen oder einer Zahl getrennt werden. Zum Beispiel Pass%wort."
++
++#: passwd.1.xml:112(para)
++msgid ""
++"Other methods of construction involve selecting an easily remembered phrase "
++"from literature and selecting the first or last letter from each word. An "
++"example of this is:"
++msgstr ""
++"Eine andere Herangehensweise ist es, einen leicht zu merkenden Satz aus der "
++"Literatur zu wählen und den ersten oder letzten Buchstaben von jedem Wort zu "
++"nehmen. Ein Beispiel dafür:"
++
++#: passwd.1.xml:120(para)
++msgid "Ask not for whom the bell tolls"
++msgstr "Ich bin der Geist, der stets verneint"
++
++#: passwd.1.xml:123(para)
++msgid "which produces"
++msgstr "Das ergibt"
++
++#: passwd.1.xml:126(para)
++msgid "An4wtbt"
++msgstr "IbdGdsv"
++
++#: passwd.1.xml:130(para)
++msgid ""
++"You may be reasonably sure few crackers will have included this in their "
++"dictionaries. You should, however, select your own methods for constructing "
++"passwords and not rely exclusively on the methods given here."
++msgstr ""
++"Sie können einigermaßen sicher sein, dass dieses Wort nur wenige Cracker in "
++"ihren Wörterlisten haben. Sie sollten allerdings Ihre eigenen Methoden "
++"entwickeln, wie Sie Passwörter wählen, und sich nicht ausschließlich auf die "
++"hier vorgestellten stützen."
++
++#: passwd.1.xml:141(para)
++msgid "The options which apply to the <command>passwd</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: passwd.1.xml:146(term) faillog.8.xml:42(term)
++msgid "<option>-a</option>, <option>--all</option>"
++msgstr "<option>-a</option>, <option>--all</option>"
++
++#: passwd.1.xml:150(para)
++msgid ""
++"This option can be used only with <option>-S</option> and causes show status "
++"for all users."
++msgstr ""
++"Diese Option kann nur in Verbindung mit <option>-S</option> verwendet werden "
++"und führt dazu, dass der Status aller Benutzer angezeigt wird."
++
++#: passwd.1.xml:157(term)
++msgid "<option>-d</option>, <option>--delete</option>"
++msgstr "<option>-d</option>, <option>--delete</option>"
++
++#: passwd.1.xml:161(para)
++msgid ""
++"Delete a user's password (make it empty). This is a quick way to disable a "
++"password for an account. It will set the named account passwordless."
++msgstr ""
++"Löscht das Passwort eines Benutzers (macht es leer). Dies ist ein schneller "
++"Weg, um das Passwort eines Kontos zu deaktivieren. Dem Konto ist dann kein "
++"Passwort zugeordnet."
++
++#: passwd.1.xml:169(term)
++msgid "<option>-e</option>, <option>--expire</option>"
++msgstr "<option>-e</option>, <option>--expire</option>"
++
++#: passwd.1.xml:173(para)
++msgid ""
++"Immediately expire an account's password. This in effect can force a user to "
++"change his/her password at the user's next login."
++msgstr ""
++"Lässt das Passwort eines Kontos sofort verfallen. Im Ergebnis kann damit "
++"erreicht werden, dass ein Benutzer beim nächsten Login das Passwort ändern "
++"muss."
++
++#: passwd.1.xml:186(term)
++msgid ""
++"<option>-i</option>, <option>--inactive</option><replaceable>INACTIVE</"
++"replaceable>"
++msgstr ""
++"<option>-i</option>, <option>--inactive</option><replaceable>INAKTIV</"
++"replaceable>"
++
++#: passwd.1.xml:190(para)
++msgid ""
++"This option is used to disable an account after the password has been "
++"expired for a number of days. After a user account has had an expired "
++"password for <replaceable>INACTIVE</replaceable> days, the user may no "
++"longer sign on to the account."
++msgstr ""
++"Mit dieser Option wird ein Konto deaktiviert, nachdem das Passwort für eine "
++"bestimmte Anzahl von Tagen abgelaufen ist. Wenn ein Benutzerkonto ein "
++"abgelaufenes Passwort für länger als <replaceable>INAKTIV</replaceable> Tage "
++"hatte, kann sich der Benutzer nicht mehr auf diesem Konto anmelden."
++
++#: passwd.1.xml:199(term)
++msgid "<option>-k</option>, <option>--keep-tokens</option>"
++msgstr "<option>-k</option>, <option>--keep-tokens</option>"
++
++# FIXME: Übersetzung, die näher am Original ist (tokens). sb
++#: passwd.1.xml:203(para)
++#, fuzzy
++msgid ""
++"Indicate password change should be performed only for expired authentication "
++"tokens (passwords). The user wishes to keep their non-expired tokens as "
++"before."
++msgstr ""
++"Zeigt an, dass eine Änderung des Passworts nur für abgelaufene Passwörter "
++"durchgeführt werden soll. Der Benutzer möchte seine gültigen Passwörter "
++"behalten."
++
++#: passwd.1.xml:211(term)
++msgid "<option>-l</option>, <option>--lock</option>"
++msgstr "<option>-l</option>, <option>--lock</option>"
++
++#: passwd.1.xml:215(para)
++msgid ""
++"Lock the named account. This option disables an account by changing the "
++"password to a value which matches no possible encrypted value."
++msgstr ""
++"Sperrt das bezeichnete Konto. Die Option schaltet ein Konto ab, indem es ein "
++"Passwort zuweist, das mit keinem möglichen verschlüsselten Wert "
++"übereinstimmen kann."
++
++#: passwd.1.xml:222(term) chage.1.xml:109(term)
++msgid ""
++"<option>-m</option>, <option>--mindays</option><replaceable>MIN_DAYS</"
++"replaceable>"
++msgstr ""
++"<option>-m</option>, <option>--mindays</option><replaceable>MIN_TAGE</"
++"replaceable>"
++
++#: passwd.1.xml:226(para) chage.1.xml:113(para)
++msgid ""
++"Set the minimum number of days between password changes to "
++"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
++"indicates that the user may change his/her password at any time."
++msgstr ""
++"Setzt die Anzahl von Tagen, die mindestens zwischen zwei Änderungen eines "
++"Passworts vergehen müssen, auf <replaceable>MIN_TAGE</replaceable>. Ein Wert "
++"von Null in diesem Feld bedeutet, dass der Benutzer sein Passwort jederzeit "
++"ändern darf."
++
++#: passwd.1.xml:244(term)
++msgid ""
++"<option>-r</option>, <option>--repository</option><replaceable>REPOSITORY</"
++"replaceable>"
++msgstr ""
++"<option>-r</option>, <option>--repository</"
++"option><replaceable>PASSWORTDEPOT</replaceable>"
++
++#: passwd.1.xml:248(para)
++#, fuzzy
++msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
++msgstr "Ändert das Passwort im Depot <replaceable>PASSWORTDEPOT</replaceable>."
++
++#: passwd.1.xml:254(term)
++msgid "<option>-S</option>, <option>--status</option>"
++msgstr "<option>-S</option>, <option>--status</option>"
++
++#: passwd.1.xml:258(para)
++msgid ""
++"Display account status information. The status information consists of 7 "
++"fields. The first field is the user's login name. The second field indicates "
++"if the user account is locked (L), has no password (NP), or has a usable "
++"password (P). The third field gives the date of the last password change. "
++"The next four fields are the minimum age, maximum age, warning period, and "
++"inactivity period for the password. These ages are expressed in days."
++msgstr ""
++"Zeigt Informationen über den Kontostatus an. Die Statusinformation besteht "
++"aus sieben Feldern. Das erste Feld ist der Login-Name des Benutzers. Das "
++"zweite Feld zeigt an, ob das Benutzerkonto gesperrt ist (L), kein Passwort "
++"hat (NP) oder ein verwendbares Passwort hat (P). Das dritte Feld zeigt das "
++"Datum der letzten Änderung des Passworts an. Die nächsten vier Felder sind "
++"das Mindestalter, das Höchstalter, die Dauer der Warnung und die Dauer der "
++"Untätigkeit für das Passwort. Die Zeiträume werden in Tagen ausgedrückt."
++
++#: passwd.1.xml:271(term)
++msgid "<option>-u</option>, <option>--unlock</option>"
++msgstr "<option>-u</option>, <option>--unlock</option>"
++
++#: passwd.1.xml:275(para)
++msgid ""
++"Unlock the named account. This option re-enables an account by changing the "
++"password back to its previous value (to value before using <option>-l</"
++"option> option)."
++msgstr ""
++"Entsperrt das bezeichnete Konto. Diese Option reaktiviert ein Konto wieder, "
++"indem das Passwort auf seinen alten Wert, den es hatte, bevor die Option "
++"<option>-l</option> verwendet wurde, zurückgesetzt wird."
++
++#: passwd.1.xml:283(term)
++msgid ""
++"<option>-w</option>, <option>--warndays</option><replaceable>WARN_DAYS</"
++"replaceable>"
++msgstr ""
++"<option>-w</option>, <option>--warndays</option><replaceable>WARN_TAGE</"
++"replaceable>"
++
++#: passwd.1.xml:287(para)
++msgid ""
++"Set the number of days of warning before a password change is required. The "
++"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
++"the password expiring that a user will be warned that his/her password is "
++"about to expire."
++msgstr ""
++"Legt die Anzahl der Tage fest, an denen der Benutzer eine Warnung erhält, "
++"bevor sein Passwort ungültig wird. Die Option <replaceable>WARN_TAGE</"
++"replaceable> bezeichnet die Anzahl der Tage, für die ein Benutzer vor "
++"Verfall seines Passworts gewarnt wird."
++
++#: passwd.1.xml:296(term)
++msgid ""
++"<option>-x</option>, <option>--maxdays</option><replaceable>MAX_DAYS</"
++"replaceable>"
++msgstr ""
++"<option>-x</option>, <option>--maxdays</option><replaceable>MAX_TAGE</"
++"replaceable>"
++
++#: passwd.1.xml:300(para)
++msgid ""
++"Set the maximum number of days a password remains valid. After "
++"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
++msgstr ""
++"Bestimmt die maximale Anzahl von Tagen, die das Passwort gültig bleibt. Nach "
++"<replaceable>MAX_TAGE</replaceable> Tagen muss das Passwort geändert werden."
++
++#: passwd.1.xml:312(para)
++msgid ""
++"Not all options may be supported. Password complexity checking may vary from "
++"site to site. The user is urged to select a password as complex as he or she "
++"feels comfortable with. Users may not be able to change their password on a "
++"system if NIS is enabled and they are not logged into the NIS server."
++msgstr ""
++"Es kann sein, dass einige Optionen nicht unterstützt werden. Die Komplexität "
++"der Passwortprüfung kann sich auf verschiedenen Systemen unterscheiden. Der "
++"Benutzer wird angehalten, ein möglichst komplexes Passwort zu wählen, soweit "
++"es ihm angenehm ist. Benutzer können unter Umständen ihr Passwort nicht "
++"ändern, wenn auf dem System NIS aktiviert ist, sie aber nicht am NIS-Server "
++"angemeldet sind."
++
++#: passwd.1.xml:353(para) chage.1.xml:212(para)
++msgid "permission denied"
++msgstr "Berechtigung verweigert"
++
++#: passwd.1.xml:359(para)
++msgid "invalid combination of options"
++msgstr "ungültige Kombination von Optionen"
++
++#: passwd.1.xml:365(para)
++msgid "unexpected failure, nothing done"
++msgstr "unerwarteter Fehler, nichts wurde verändert"
++
++#: passwd.1.xml:371(para)
++msgid "unexpected failure, <filename>passwd</filename> file missing"
++msgstr "unerwarteter Fehler, die Datei <filename>passwd</filename> fehlt"
++
++#: passwd.1.xml:377(para)
++msgid "<filename>passwd</filename> file busy, try again"
++msgstr ""
++"Datei <filename>passwd</filename> wird benutzt, bitte nochmal versuchen"
++
++#: passwd.1.xml:341(para)
++msgid ""
++"The <command>passwd</command> command exits with the following values: "
++"<placeholder-1/>"
++msgstr ""
++"Der Befehl <command>passwd</command> gibt beim Beenden folgende Werte "
++"zurück: <placeholder-1/>"
++
++#: passwd.1.xml:392(para)
++msgid ""
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>."
++
++#: nologin.8.xml:5(refentrytitle) nologin.8.xml:10(refname)
++#: nologin.8.xml:16(command)
++msgid "nologin"
++msgstr "nologin"
++
++#: nologin.8.xml:11(refpurpose)
++msgid "politely refuse a login"
++msgstr ""
++
++#: nologin.8.xml:22(para)
++msgid ""
++"The <command>nologin</command> command displays a message that an account is "
++"not available and exits non-zero. It is intended as a replacement shell "
++"field for accounts that have been disabled."
++msgstr ""
++
++#: nologin.8.xml:27(para)
++msgid ""
++"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
++msgstr ""
++
++#: nologin.8.xml:36(para)
++msgid ""
++"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>nologin</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>nologin</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
++
++#: nologin.8.xml:47(title)
++msgid "HYSTORY"
++msgstr ""
++
++#: nologin.8.xml:48(para)
++msgid "The <command>nologin</command> command appeared in BSD 4.4."
++msgstr ""
++
++#: newusers.8.xml:5(refentrytitle) newusers.8.xml:10(refname)
++#: newusers.8.xml:16(command) login.defs.5.xml:196(term)
++msgid "newusers"
++msgstr "newusers"
++
++#: newusers.8.xml:11(refpurpose)
++msgid "update and create new users in batch"
++msgstr ""
++
++#: newusers.8.xml:18(replaceable)
++msgid "new_users"
++msgstr ""
++
++#: newusers.8.xml:25(para)
++msgid ""
++"The <command>newusers</command> command reads a file of user name and clear-"
++"text password pairs and uses this information to update a group of existing "
++"users or to create new users. Each line is in the same format as the "
++"standard password file (see <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>) with the following "
++"exceptions:"
++msgstr ""
++
++#: newusers.8.xml:37(emphasis)
++msgid "pw_passwd"
++msgstr ""
++
++#: newusers.8.xml:40(para)
++msgid ""
++"This field will be encrypted and used as the new value of the encrypted "
++"password."
++msgstr ""
++
++#: newusers.8.xml:48(emphasis)
++msgid "pw_gid"
++msgstr ""
++
++#: newusers.8.xml:51(para)
++msgid ""
++"This field must contain the name (or number) of a group. The user will be "
++"added as a member to this group. When a non-existent group name or number is "
++"specified, a new group will be created. In the case of a non-existent group "
++"number, both the name and the number of the new group will be this number."
++msgstr ""
++
++#: newusers.8.xml:62(emphasis)
++msgid "pw_dir"
++msgstr ""
++
++#: newusers.8.xml:65(para)
++msgid ""
++"This field will be checked for existence as a directory, and a new directory "
++"with this name will be created if it does not already exist. The ownership "
++"of the directory will be set to be that of the user being created or updated."
++msgstr ""
++
++#: newusers.8.xml:75(para)
++msgid ""
++"This command is intended to be used in a large system environment where many "
++"accounts are updated at a single time."
++msgstr ""
++
++#: newusers.8.xml:83(para)
++msgid ""
++"The input file must be protected since it contains unencrypted passwords."
++msgstr ""
++
++#: newusers.8.xml:103(para)
++msgid ""
++"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++
++#: newgrp.1.xml:5(refentrytitle) newgrp.1.xml:10(refname)
++#: newgrp.1.xml:16(command)
++msgid "newgrp"
++msgstr "newgrp"
++
++#: newgrp.1.xml:11(refpurpose)
++msgid "log in to a new group"
++msgstr ""
++
++#: newgrp.1.xml:17(replaceable) grpck.8.xml:18(replaceable)
++#: groupdel.8.xml:18(replaceable) groupadd.8.xml:24(replaceable)
++#: gpasswd.1.xml:18(replaceable) gpasswd.1.xml:24(replaceable)
++#: gpasswd.1.xml:29(replaceable) gpasswd.1.xml:33(replaceable)
++#: gpasswd.1.xml:37(replaceable) gpasswd.1.xml:43(replaceable)
++msgid "group"
++msgstr ""
++
++#: newgrp.1.xml:23(para)
++msgid ""
++"The <command>newgrp</command> command is used to change the current group ID "
++"during a login session. If the optional <option>-</option> flag is given, "
++"the user's environment will be reinitialized as though the user had logged "
++"in, otherwise the current environment, including current working directory, "
++"remains unchanged."
++msgstr ""
++
++#: newgrp.1.xml:31(para)
++msgid ""
++"<command>newgrp</command> changes the current real group ID to the named "
++"group, or to the default group listed in <filename>/etc/passwd</filename> if "
++"no group name is given. <command>newgrp</command> also tries to add the "
++"group to the user groupset. If not root, the user will be prompted for a "
++"password if she does not have a password (in <filename>/etc/shadow</"
++"filename> if this user has an entry in the shadowed password file, or in "
++"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
++"user is not listed as a member and the group has a password. The user will "
++"be denied access if the group password is empty and the user is not listed "
++"as a member."
++msgstr ""
++
++#: newgrp.1.xml:45(para)
++msgid ""
++"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
++"then the list of members and the password of this group will be taken from "
++"this file, otherwise, the entry in <filename>/etc/group</filename> is "
++"considered."
++msgstr ""
++
++#: newgrp.1.xml:85(para)
++msgid ""
++"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gshadow</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gshadow</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
++
++#: logoutd.8.xml:5(refentrytitle) logoutd.8.xml:10(refname)
++#: logoutd.8.xml:16(command)
++msgid "logoutd"
++msgstr "logoutd"
++
++#: logoutd.8.xml:11(refpurpose)
++msgid "Enforce login time restrictions"
++msgstr ""
++
++#: logoutd.8.xml:22(para)
++msgid ""
++"<command>logoutd</command> enforces the login time and port restrictions "
++"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
++"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
++"utmp</filename> file is scanned periodically and each user name is checked "
++"to see if the named user is permitted on the named port at the current time. "
++"Any login session which is violating the restrictions in <filename>/etc/"
++"porttime</filename> is terminated."
++msgstr ""
++
++#: logoutd.8.xml:44(filename) login.1.xml:201(filename)
++msgid "/var/run/utmp"
++msgstr "/var/run/utmp"
++
++#: logoutd.8.xml:46(para) login.1.xml:203(para)
++msgid "List of current login sessions."
++msgstr ""
++
++#: login.defs.5.xml:5(refentrytitle) login.defs.5.xml:10(refname)
++msgid "login.defs"
++msgstr "login.defs"
++
++#: login.defs.5.xml:11(refpurpose)
++msgid "shadow password suite configuration"
++msgstr ""
++
++#: login.defs.5.xml:16(para)
++msgid ""
++"The <filename>/etc/login.defs</filename> file defines the site-specific "
++"configuration for the shadow password suite. This file is required. Absence "
++"of this file will not prevent system operation, but will probably result in "
++"undesirable operation."
++msgstr ""
++
++#: login.defs.5.xml:23(para)
++msgid ""
++"This file is a readable text file, each line of the file describing one "
++"configuration parameter. The lines consist of a configuration name and "
++"value, separated by whitespace. Blank lines and comment lines are ignored. "
++"Comments are introduced with a \"#\" pound sign and the pound sign must be "
++"the first non-white character of the line."
++msgstr ""
++
++#: login.defs.5.xml:31(para)
++msgid ""
++"Parameter values may be of four types: strings, booleans, numbers, and long "
++"numbers. A string is comprised of any printable characters. A boolean should "
++"be either the value \"yes\" or \"no\". An undefined boolean parameter or one "
++"with a value other than these will be given a \"no\" value. Numbers (both "
++"regular and long) may be either decimal values, octal values (precede the "
++"value with \"0\") or hexadecimal values (precede the value with \"0x\"). The "
++"maximum value of the regular and long numeric parameters is machine-"
++"dependent."
++msgstr ""
++
++#: login.defs.5.xml:42(para)
++msgid "The following configuration items are provided:"
++msgstr ""
++
++#: login.defs.5.xml:46(term)
++msgid "CHFN_AUTH (boolean)"
++msgstr ""
++
++#: login.defs.5.xml:48(para)
++msgid ""
++"If <emphasis remap=\"I\">yes</emphasis>, the <command>chfn</command> and "
++"<command>chsh</command> programs will require authentication before making "
++"any changes, unless run by the superuser."
++msgstr ""
++
++#: login.defs.5.xml:57(term)
++msgid "CHFN_RESTRICT (string)"
++msgstr ""
++
++#: login.defs.5.xml:59(para)
++msgid ""
++"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
++"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
++"by regular users using the <command>chfn</command> program. It can be any "
++"combination of letters <emphasis remap=\"I\">f</emphasis> ,<emphasis remap="
++"\"I\">r</emphasis>, <emphasis remap=\"I\">w</emphasis>, <emphasis remap=\"I"
++"\">h</emphasis>, for Full name, Room number, Work phone, and Home phone, "
++"respectively. For backward compatibility, \"yes\" is equivalent to \"rwh\" "
++"and \"no\" is equivalent to \"frwh\". If not specified, only the superuser "
++"can make any changes. The most restrictive setting is better achieved by not "
++"installing <filename>chfn</filename> SUID."
++msgstr ""
++
++#: login.defs.5.xml:76(term)
++msgid "GID_MAX (number)"
++msgstr ""
++
++#: login.defs.5.xml:77(term)
++msgid "GID_MIN (number)"
++msgstr ""
++
++#: login.defs.5.xml:79(para)
++msgid ""
++"Range of group IDs to choose from for the <command>useradd</command> and "
++"<command>groupadd</command> programs."
++msgstr ""
++
++#: login.defs.5.xml:87(term)
++msgid "MAIL_DIR (string)"
++msgstr ""
++
++#: login.defs.5.xml:89(para)
++msgid ""
++"The mail spool directory. This is needed to manipulate the mailbox when its "
++"corresponding user account is modified or deleted. If not specified, a "
++"compile-time default is used."
++msgstr ""
++
++#: login.defs.5.xml:97(term)
++msgid "PASS_MAX_DAYS (number)"
++msgstr ""
++
++#: login.defs.5.xml:99(para)
++msgid ""
++"The maximum number of days a password may be used. If the password is older "
++"than this, a password change will be forced. If not specified, -1 will be "
++"assumed (which disables the restriction)."
++msgstr ""
++
++#: login.defs.5.xml:108(term)
++msgid "PASS_MIN_DAYS (number)"
++msgstr ""
++
++#: login.defs.5.xml:110(para)
++msgid ""
++"The minimum number of days allowed between password changes. Any password "
++"changes attempted sooner than this will be rejected. If not specified, -1 "
++"will be assumed (which disables the restriction)."
++msgstr ""
++
++#: login.defs.5.xml:119(term)
++msgid "PASS_WARN_AGE (number)"
++msgstr ""
++
++#: login.defs.5.xml:121(para)
++msgid ""
++"The number of days warning given before a password expires. A zero means "
++"warning is given only upon the day of expiration, a negative value means no "
++"warning is given. If not specified, no warning will be provided."
++msgstr ""
++
++#: login.defs.5.xml:131(para)
++msgid ""
++"PASS_MAX_DAYS, PASS_MIN_DAYS and PASS_WARN_AGE are only used at the time of "
++"account creation. Any changes to these settings won't affect existing "
++"accounts."
++msgstr ""
++
++#: login.defs.5.xml:138(term)
++msgid "UID_MAX (number)"
++msgstr ""
++
++#: login.defs.5.xml:139(term)
++msgid "UID_MIN (number)"
++msgstr ""
++
++#: login.defs.5.xml:141(para)
++msgid ""
++"Range of user IDs to choose from for the <command>useradd</command> program."
++msgstr ""
++
++#: login.defs.5.xml:148(term)
++msgid "UMASK (number)"
++msgstr ""
++
++#: login.defs.5.xml:150(para)
++msgid ""
++"The permission mask is initialized to this value. If not specified, the "
++"permission mask will be initialized to 022."
++msgstr ""
++
++#: login.defs.5.xml:157(term)
++msgid "USERDEL_CMD (string)"
++msgstr ""
++
++#: login.defs.5.xml:159(para)
++msgid ""
++"If defined, this command is run when removing a user. It should remove any "
++"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
++"argument)."
++msgstr ""
++
++#: login.defs.5.xml:170(title)
++msgid "CROSS REFERENCE"
++msgstr ""
++
++#: login.defs.5.xml:171(para)
++msgid ""
++"The following cross reference shows which programs in the shadow password "
++"suite use which parameters."
++msgstr ""
++
++#: login.defs.5.xml:178(term) chfn.1.xml:5(refentrytitle)
++#: chfn.1.xml:10(refname) chfn.1.xml:16(command)
++msgid "chfn"
++msgstr "chfn"
++
++#: login.defs.5.xml:180(para)
++msgid "CHFN_AUTH CHFN_RESTRICT"
++msgstr "CHFN_AUTH CHFN_RESTRICT"
++
++#: login.defs.5.xml:184(term) chsh.1.xml:5(refentrytitle)
++#: chsh.1.xml:10(refname) chsh.1.xml:16(command)
++msgid "chsh"
++msgstr "chsh"
++
++#: login.defs.5.xml:186(para)
++msgid "CHFN_AUTH"
++msgstr "CHFN_AUTH"
++
++#: login.defs.5.xml:190(term) groupadd.8.xml:5(refentrytitle)
++#: groupadd.8.xml:10(refname) groupadd.8.xml:16(command)
++msgid "groupadd"
++msgstr ""
++
++#: login.defs.5.xml:192(para)
++msgid "GID_MAX GID_MIN"
++msgstr "GID_MAX GID_MIN"
++
++#: login.defs.5.xml:198(para)
++msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UMASK"
++msgstr ""
++
++#: login.defs.5.xml:206(para)
++msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
++msgstr "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
++
++#: login.defs.5.xml:212(para)
++msgid ""
++"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
++"UMASK"
++msgstr ""
++"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
++"UMASK"
++
++#: login.defs.5.xml:223(para)
++msgid "MAIL_DIR USERDEL_CMD"
++msgstr "MAIL_DIR USERDEL_CMD"
++
++#: login.defs.5.xml:231(para)
++msgid "MAIL_DIR"
++msgstr "MAIL_DIR"
++
++#: login.defs.5.xml:240(para)
++msgid ""
++"Much of the functionality that used to be provided by the shadow password "
++"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
++"no longer used by programs such as: <citerefentry><refentrytitle>login</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
++"manvolnum></citerefentry>. Please refer to the corresponding PAM "
++"configuration files instead."
++msgstr ""
++
++#: login.defs.5.xml:257(para)
++msgid ""
++"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++
++#: login.access.5.xml:5(refentrytitle) login.access.5.xml:10(refname)
++msgid "login.access"
++msgstr "login.access"
++
++#: login.access.5.xml:11(refpurpose)
++msgid "login access control table"
++msgstr ""
++
++#: login.access.5.xml:16(para)
++msgid ""
++"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
++"host) combinations and/or (user, tty) combinations for which a login will be "
++"either accepted or refused."
++msgstr ""
++
++#: login.access.5.xml:22(para)
++msgid ""
++"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
++"scanned for the first entry that matches the (user, host) combination, or, "
++"in case of non-networked logins, the first entry that matches the (user, "
++"tty) combination. The permissions field of that table entry determines "
++"whether the login will be accepted or refused."
++msgstr ""
++
++#: login.access.5.xml:30(para)
++msgid ""
++"Each line of the login access control table has three fields separated by a "
++"\":\" character:"
++msgstr ""
++
++#: login.access.5.xml:35(para)
++msgid ""
++"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
++"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
++msgstr ""
++
++#: login.access.5.xml:39(para)
++msgid ""
++"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
++"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
++"should be a list of one or more login names, group names, or <emphasis>ALL</"
++"emphasis> (always matches). The third field should be a list of one or more "
++"tty names (for non-networked logins), host names, domain names (begin with "
++"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
++"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
++"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
++"\"<literal>.</literal>\" character). If you run NIS you can use "
++"@netgroupname in host or user patterns."
++msgstr ""
++
++#: login.access.5.xml:53(para)
++msgid ""
++"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
++"compact rules."
++msgstr ""
++
++#: login.access.5.xml:58(para)
++msgid ""
++"The group file is searched only when a name does not match that of the "
++"logged-in user. Only groups are matched in which users are explicitly "
++"listed: the program does not look at a user's primary group id value."
++msgstr ""
++
++#: login.1.xml:5(refentrytitle) login.1.xml:10(refname)
++#: login.1.xml:16(command) login.1.xml:23(command) login.1.xml:29(command)
++msgid "login"
++msgstr ""
++
++#: login.1.xml:11(refpurpose)
++msgid "begin session on the system"
++msgstr ""
++
++#: login.1.xml:17(arg) login.1.xml:24(arg) login.1.xml:30(arg)
++#: login.1.xml:140(option) groupmems.8.xml:20(arg) groupmems.8.xml:61(option)
++msgid "-p"
++msgstr "-p"
++
++#: login.1.xml:19(replaceable) login.1.xml:26(replaceable)
++msgid "username"
++msgstr ""
++
++#: login.1.xml:20(replaceable)
++msgid "ENV=VAR"
++msgstr ""
++
++#: login.1.xml:25(replaceable) login.1.xml:31(replaceable)
++msgid "host"
++msgstr ""
++
++#: login.1.xml:25(arg) chfn.1.xml:20(arg)
++msgid "-h <placeholder-1/>"
++msgstr ""
++
++#: login.1.xml:26(arg) chfn.1.xml:17(arg)
++msgid "-f <placeholder-1/>"
++msgstr "-f <placeholder-1/>"
++
++#: login.1.xml:31(arg) gpasswd.1.xml:37(arg) chfn.1.xml:18(arg)
++msgid "-r <placeholder-1/>"
++msgstr "-r <placeholder-1/>"
++
++#: login.1.xml:37(para)
++msgid ""
++"The <command>login</command> program is used to establish a new session with "
++"the system. It is normally invoked automatically by responding to the "
++"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
++"<command>login</command> may be special to the shell and may not be invoked "
++"as a sub-process. Typically, <command>login</command> is treated by the "
++"shell as <emphasis remap=\"B\">exec login</emphasis> which causes the user "
++"to exit from the current shell. Attempting to execute <command>login</"
++"command> from any shell but the login shell will produce an error message."
++msgstr ""
++
++#: login.1.xml:49(para)
++msgid ""
++"The user is then prompted for a password, where appropriate. Echoing is "
++"disabled to prevent revealing the password. Only a small number of password "
++"failures are permitted before <command>login</command> exits and the "
++"communications link is severed."
++msgstr ""
++
++#: login.1.xml:56(para)
++msgid ""
++"If password aging has been enabled for your account, you may be prompted for "
++"a new password before proceeding. You will be forced to provide your old "
++"password and the new password before continuing. Please refer to "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry> for more information."
++msgstr ""
++
++#: login.1.xml:65(para)
++msgid ""
++"After a successful login, you will be informed of any system messages and "
++"the presence of mail. You may turn off the printing of the system message "
++"file, <filename>/etc/motd</filename>, by creating a zero-length file "
++"<filename>.hushlogin</filename> in your login directory. The mail message "
++"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
++"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
++"the condition of your mailbox."
++msgstr ""
++
++#: login.1.xml:76(para)
++msgid ""
++"Your user and group ID will be set according to their values in the "
++"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
++"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
++"<envar>$MAIL</envar> are set according to the appropriate fields in the "
++"password entry. Ulimit, umask and nice values may also be set according to "
++"entries in the GECOS field."
++msgstr ""
++
++#: login.1.xml:85(para)
++msgid ""
++"On some installations, the environmental variable <envar>$TERM</envar> will "
++"be initialized to the terminal type on your tty line, as specified in "
++"<filename>/etc/ttytype</filename>."
++msgstr ""
++
++#: login.1.xml:91(para)
++msgid ""
++"An initialization script for your command interpreter may also be executed. "
++"Please see the appropriate manual section for more information on this "
++"function."
++msgstr ""
++
++#: login.1.xml:103(para) login.1.xml:174(para)
++msgid ""
++"The <command>login</command> program is NOT responsible for removing users "
++"from the utmp file. It is the responsibility of "
++"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
++"citerefentry> and <citerefentry><refentrytitle>init</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
++"ownership of a terminal session. If you use <command>login</command> from "
++"the shell prompt without <command>exec</command>, the user you use will "
++"continue to appear to be logged in even after you log out of the \"subsession"
++"\"."
++msgstr ""
++
++#: login.1.xml:123(option) groupadd.8.xml:21(arg) groupadd.8.xml:47(option)
++#: expiry.1.xml:18(arg)
++msgid "-f"
++msgstr "-f"
++
++#: login.1.xml:126(para)
++msgid "Do not perform authentication, user is preauthenticated."
++msgstr ""
++
++#: login.1.xml:132(option)
++msgid "-h"
++msgstr "-h"
++
++#: login.1.xml:135(para)
++msgid "Name of the remote host for this login."
++msgstr ""
++
++#: login.1.xml:143(para)
++msgid "Preserve environment."
++msgstr ""
++
++#: login.1.xml:151(para)
++msgid "Perform autologin protocol for rlogin."
++msgstr ""
++
++#: login.1.xml:156(para)
++msgid ""
++"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
++"are only used when <command>login</command> is invoked by root."
++msgstr ""
++
++#: login.1.xml:165(para)
++msgid ""
++"This version of <command>login</command> has many compilation options, only "
++"some of which may be in use at any particular site."
++msgstr ""
++
++#: login.1.xml:170(para)
++msgid ""
++"The location of files is subject to differences in system configuration."
++msgstr ""
++
++#: login.1.xml:186(para)
++msgid ""
++"As any program, <command>login</command> appearance could be faked. If non-"
++"trusted users have a physical access to the machine, an attacker could use "
++"this to obtain the password of the next person sitting in front of the "
++"machine. Under Linux, the SAK mecanism can be used by users to initiate of a "
++"trusted path and prevent this kind of attack."
++msgstr ""
++
++#: login.1.xml:207(filename)
++msgid "/var/log/wtmp"
++msgstr "/var/log/wtmp"
++
++#: login.1.xml:209(para)
++msgid "List of previous login sessions."
++msgstr ""
++
++#: login.1.xml:225(filename)
++msgid "/etc/motd"
++msgstr "/etc/motd"
++
++#: login.1.xml:227(para)
++msgid "System message of the day file."
++msgstr ""
++
++#: login.1.xml:231(filename)
++msgid "/etc/nologin"
++msgstr ""
++
++#: login.1.xml:233(para)
++msgid "Prevent non-root users from logging in."
++msgstr ""
++
++#: login.1.xml:237(filename)
++msgid "/etc/ttytype"
++msgstr "/etc/ttytype"
++
++#: login.1.xml:239(para)
++msgid "List of terminal types."
++msgstr ""
++
++#: login.1.xml:243(filename)
++msgid "$HOME/.hushlogin"
++msgstr ""
++
++#: login.1.xml:245(para)
++msgid "Suppress printing of system messages."
++msgstr ""
++
++#: login.1.xml:253(para)
++msgid ""
++"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++
++#: limits.5.xml:5(refentrytitle) limits.5.xml:10(refname)
++msgid "limits"
++msgstr "limits"
++
++#: limits.5.xml:11(refpurpose)
++msgid "resource limits definition"
++msgstr ""
++
++#: limits.5.xml:17(para)
++msgid ""
++"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
++"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
++"describes the resource limits you wish to impose. It should be owned by root "
++"and readable by root account only."
++msgstr ""
++
++#: limits.5.xml:25(para)
++msgid ""
++"By default no quota is imposed on 'root'. In fact, there is no way to impose "
++"limits via this procedure to root-equiv accounts (accounts with UID 0)."
++msgstr ""
++
++#: limits.5.xml:31(para)
++msgid "Each line describes a limit for a user in the form:"
++msgstr ""
++
++#: limits.5.xml:34(emphasis)
++msgid "user LIMITS_STRING"
++msgstr ""
++
++#: limits.5.xml:37(para)
++msgid ""
++"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
++"resource limits. Each limit consists of a letter identifier followed by a "
++"numerical limit."
++msgstr ""
++
++#: limits.5.xml:43(para)
++msgid "The valid identifiers are:"
++msgstr ""
++
++#: limits.5.xml:46(para)
++msgid "A: max address space (KB)"
++msgstr ""
++
++#: limits.5.xml:47(para)
++msgid "C: max core file size (KB)"
++msgstr ""
++
++#: limits.5.xml:48(para)
++msgid "D: max data size (KB)"
++msgstr ""
++
++#: limits.5.xml:49(para)
++msgid "F: maximum filesize (KB)"
++msgstr ""
++
++#: limits.5.xml:50(para)
++msgid "M: max locked-in-memory address space (KB)"
++msgstr ""
++
++#: limits.5.xml:51(para)
++msgid "N: max number of open files"
++msgstr ""
++
++#: limits.5.xml:52(para)
++msgid "R: max resident set size (KB)"
++msgstr ""
++
++#: limits.5.xml:53(para)
++msgid "S: max stack size (KB)"
++msgstr ""
++
++#: limits.5.xml:54(para)
++msgid "T: max CPU time (MIN)"
++msgstr ""
++
++#: limits.5.xml:55(para)
++msgid "U: max number of processes"
++msgstr ""
++
++#: limits.5.xml:56(para)
++msgid ""
++"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
++"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
++msgstr ""
++
++#: limits.5.xml:61(para)
++msgid "L: max number of logins for this user"
++msgstr ""
++
++#: limits.5.xml:62(para)
++msgid ""
++"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
++"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
++msgstr ""
++
++#: limits.5.xml:69(para)
++msgid ""
++"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
++"<emphasis>LIMITS_STRING </emphasis>. For reading convenience, the following "
++"entries are equivalent:"
++msgstr ""
++
++#: limits.5.xml:75(programlisting)
++#, no-wrap
++msgid ""
++"\n"
++"      username L2D2048N5\n"
++"      username L2 D2048 N5\n"
++"    "
++msgstr ""
++
++#: limits.5.xml:80(para)
++msgid ""
++"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
++"the line is considered a limit string, thus comments are not allowed. A "
++"invalid limits string will be rejected (not considered) by the "
++"<command>login</command> program."
++msgstr ""
++
++#: limits.5.xml:87(para)
++msgid ""
++"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
++"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
++"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
++"default entry."
++msgstr ""
++
++#: limits.5.xml:94(para)
++msgid ""
++"To completely disable limits for a user, a single dash \"<emphasis>-</"
++"emphasis>\" will do."
++msgstr ""
++
++#: limits.5.xml:99(para)
++msgid ""
++"Also, please note that all limit settings are set PER LOGIN. They are not "
++"global, nor are they permanent. Perhaps global limits will come, but for now "
++"this will have to do ;)"
++msgstr ""
++
++#: limits.5.xml:110(filename)
++msgid "/etc/limits"
++msgstr ""
++
++#: limits.5.xml:118(para)
++msgid ""
++"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>setpriority</"
++"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
++"manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>setpriority</"
++"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
++"manvolnum></citerefentry>."
++
++#: lastlog.8.xml:5(refentrytitle) lastlog.8.xml:10(refname)
++#: lastlog.8.xml:16(command)
++msgid "lastlog"
++msgstr "lastlog"
++
++#: lastlog.8.xml:11(refpurpose)
++msgid "reports the most recent login of all users or of a given user"
++msgstr ""
++
++#: lastlog.8.xml:25(para)
++msgid ""
++"<command>lastlog</command> formats and prints the contents of the last login "
++"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
++"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
++"emphasis> will be printed. The default (no flags) causes lastlog entries to "
++"be printed, sorted by their order in <filename>/etc/passwd</filename>."
++msgstr ""
++
++#: lastlog.8.xml:37(para)
++#, fuzzy
++msgid "The options which apply to the <command>lastlog</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: lastlog.8.xml:42(term)
++msgid ""
++"<option>-b</option>, <option>--before</option><replaceable>DAYS</replaceable>"
++msgstr ""
++
++#: lastlog.8.xml:46(para)
++msgid ""
++"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
++msgstr ""
++
++#: lastlog.8.xml:60(term) faillog.8.xml:93(term)
++msgid ""
++"<option>-t</option>, <option>--time</option><replaceable>DAYS</replaceable>"
++msgstr ""
++
++#: lastlog.8.xml:65(para)
++msgid ""
++"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
++"emphasis>."
++msgstr ""
++
++#: lastlog.8.xml:72(term) faillog.8.xml:105(term)
++msgid ""
++"<option>-u</option>, <option>--user</option><replaceable>LOGIN</replaceable>"
++msgstr ""
++
++#: lastlog.8.xml:77(para)
++msgid ""
++"Print the lastlog record for user with specified <emphasis remap=\"I"
++"\">LOGIN</emphasis> only."
++msgstr ""
++
++#: lastlog.8.xml:85(term)
++msgid "The <option>-t</option> flag overrides the use of <option>-u</option>."
++msgstr ""
++
++#: lastlog.8.xml:94(para)
++msgid ""
++"If the user has never logged in the message <emphasis>** Never logged in**</"
++"emphasis> will be displayed instead of the port and time."
++msgstr ""
++
++#: lastlog.8.xml:101(title) groups.1.xml:36(title) chsh.1.xml:71(title)
++#: chage.1.xml:164(title)
++msgid "NOTE"
++msgstr ""
++
++#: lastlog.8.xml:102(para)
++msgid ""
++"The <filename>lastlog</filename> file is a database which contains info on "
++"the last login of each user. You should not rotate it. It is a sparse file, "
++"so its size on the disk is usually much smaller than the one shown by "
++"\"<command>ls -l</command>\" (which can indicate a really big file if you "
++"have in <filename>passwd</filename> users with a high UID). You can display "
++"its real size with \"<command>ls -s</command>\"."
++msgstr ""
++
++#: lastlog.8.xml:116(filename)
++msgid "/var/log/lastlog"
++msgstr "/var/log/lastlog"
++
++#: lastlog.8.xml:118(para)
++msgid "Database times of previous user logins."
++msgstr ""
++
++#: lastlog.8.xml:126(para)
++msgid ""
++"Large gaps in UID numbers will cause the lastlog program to run longer with "
++"no output to the screen (i.e. if in lastlog database there is no entries for "
++"users with UID between 170 and 800 lastlog will appear to hang as it "
++"processes entries with UIDs 171-799)."
++msgstr ""
++
++#: gshadow.5.xml:5(refentrytitle) gshadow.5.xml:10(refname)
++msgid "gshadow"
++msgstr "gshadow"
++
++#: gshadow.5.xml:11(refpurpose)
++msgid "shadowed group file"
++msgstr ""
++
++#: gshadow.5.xml:16(para)
++msgid ""
++"<filename>/etc/gshadow</filename> contains the shadowed information for "
++"group accounts. It contains lines with the following colon-separated fields:"
++msgstr ""
++
++#: gshadow.5.xml:23(para)
++msgid "group name"
++msgstr ""
++
++#: gshadow.5.xml:29(para)
++msgid "comma-separated list of group administrators"
++msgstr ""
++
++#: gshadow.5.xml:32(para)
++msgid "comma-separated list of group members"
++msgstr ""
++
++#: gshadow.5.xml:36(para)
++msgid ""
++"The group name and password fields must be filled. The encrypted password "
++"consists of characters from the 64-character alphabet a thru z, A thru Z, 0 "
++"thru 9, \\. and /. Refer to <citerefentry><refentrytitle>crypt</"
++"refentrytitle><manvolnum>3</manvolnum></citerefentry> for details on how "
++"this string is interpreted. If the password field contains some string that "
++"is not valid result of <citerefentry><refentrytitle>crypt</"
++"refentrytitle><manvolnum>3</manvolnum></citerefentry>, for instance ! or *, "
++"the user will not be able to use a unix password to log in, subject to "
++"<citerefentry><refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum></"
++"citerefentry>."
++msgstr ""
++
++#: gshadow.5.xml:49(para)
++msgid ""
++"This information supersedes any password present in <filename>/etc/group</"
++"filename>."
++msgstr ""
++
++#: gshadow.5.xml:80(para)
++msgid ""
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>."
++
++#: grpck.8.xml:5(refentrytitle) grpck.8.xml:10(refname)
++#: grpck.8.xml:16(command)
++msgid "grpck"
++msgstr "grpck"
++
++#: grpck.8.xml:11(refpurpose)
++msgid "verify integrity of group files"
++msgstr ""
++
++#: grpck.8.xml:26(para)
++msgid ""
++"The <command>grpck</command> command verifies the integrity of the system "
++"authentication information. All entries in the <filename>/etc/group</"
++"filename> and <filename>/etc/gshadow</filename> are checked to see that the "
++"entry has the proper format and valid data in each field. The user is "
++"prompted to delete entries that are improperly formatted or which have other "
++"uncorrectable errors."
++msgstr ""
++
++#: grpck.8.xml:42(para)
++msgid "a unique group name"
++msgstr ""
++
++#: grpck.8.xml:45(para)
++msgid "a valid list of members and administrators"
++msgstr ""
++
++#: grpck.8.xml:49(para)
++msgid ""
++"The checks for correct number of fields and unique group name are fatal. If "
++"the entry has the wrong number of fields, the user will be prompted to "
++"delete the entire line. If the user does not answer affirmatively, all "
++"further checks are bypassed. An entry with a duplicated group name is "
++"prompted for deletion, but the remaining checks will still be made. All "
++"other errors are warnings and the user is encouraged to run the "
++"<command>groupmod</command> command to correct the error."
++msgstr ""
++
++#: grpck.8.xml:60(para)
++msgid ""
++"The commands which operate on the <filename>/etc/group</filename> file are "
++"not able to alter corrupted or duplicated entries. <command>grpck</command> "
++"should be used in those circumstances to remove the offending entry."
++msgstr ""
++
++#: grpck.8.xml:70(para)
++msgid ""
++"By default, <command>grpck</command> operates on the files <filename>/etc/"
++"group</filename> and <filename>/etc/gshadow</filename>. The user may select "
++"alternate files with the <emphasis remap=\"I\">group</emphasis> and "
++"<emphasis remap=\"I\">shadow</emphasis> parameters. Additionally, the user "
++"may execute the command in read-only mode by specifying the <option>-r</"
++"option> flag. This causes all questions regarding changes to be answered "
++"<emphasis>no</emphasis> without user intervention. <command>grpck</command> "
++"can also sort entries in <filename>/etc/group</filename> and <filename>/etc/"
++"gshadow</filename> by GID. To run it in sort mode pass it <option>-s</"
++"option> flag. No checks are performed then, it just sorts."
++msgstr ""
++
++#: grpck.8.xml:112(para)
++msgid ""
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>groupmod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>passwd</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>groupmod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++
++#: grpck.8.xml:148(para)
++msgid "one or more bad group entries"
++msgstr ""
++
++#: grpck.8.xml:154(para)
++msgid "can't open group files"
++msgstr ""
++
++#: grpck.8.xml:160(para)
++msgid "can't lock group files"
++msgstr ""
++
++#: grpck.8.xml:166(para)
++msgid "can't update group files"
++msgstr ""
++
++#: grpck.8.xml:130(para)
++#, fuzzy
++msgid ""
++"The <command>grpck</command> command exits with the following values: "
++"<placeholder-1/>"
++msgstr ""
++"Der Befehl <command>passwd</command> gibt beim Beenden folgende Werte "
++"zurück: <placeholder-1/>"
++
++#: groups.1.xml:5(refentrytitle) groups.1.xml:10(refname)
++#: groups.1.xml:16(command)
++msgid "groups"
++msgstr ""
++
++#: groups.1.xml:11(refpurpose)
++msgid "display current group names"
++msgstr ""
++
++#: groups.1.xml:18(replaceable) gpasswd.1.xml:23(replaceable)
++#: gpasswd.1.xml:28(replaceable) chfn.1.xml:22(replaceable)
++msgid "user"
++msgstr ""
++
++#: groups.1.xml:25(para)
++msgid ""
++"The <command>groups</command> command displays the current group names or ID "
++"values. If the value does not have a corresponding entry in <filename>/etc/"
++"group</filename>, the value will be displayed as the numerical group value. "
++"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
++"the groups for the named <emphasis remap=\"I\">user</emphasis>."
++msgstr ""
++
++#: groups.1.xml:37(para)
++msgid ""
++"Systems which do not support concurrent group sets will have the information "
++"from <filename>/etc/group</filename> reported. The user must use "
++"<command>newgrp</command> or <command>sg</command> to change their current "
++"real and effective group ID."
++msgstr ""
++
++#: groups.1.xml:59(para)
++msgid ""
++"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>getgid</"
++"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
++"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>getgid</"
++"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
++"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
++
++#: groupmod.8.xml:5(refentrytitle) groupmod.8.xml:10(refname)
++#: groupmod.8.xml:16(command)
++msgid "groupmod"
++msgstr "groupmod"
++
++#: groupmod.8.xml:11(refpurpose)
++msgid "modify a group definition on the system"
++msgstr ""
++
++#: groupmod.8.xml:20(replaceable)
++msgid "GROUP"
++msgstr ""
++
++#: groupmod.8.xml:26(para)
++msgid ""
++"The <command>groupmod</command> command modifies the definition of the "
++"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
++"entry in the group database."
++msgstr ""
++
++#: groupmod.8.xml:35(para)
++#, fuzzy
++msgid "The options which apply to the <command>groupmod</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: groupmod.8.xml:41(term)
++msgid ""
++"<option>-g</option>, <option>--gid</option><replaceable>GID</replaceable>"
++msgstr ""
++
++#: groupmod.8.xml:45(para)
++msgid ""
++"Specify the new group ID for the <replaceable>GROUP</replaceable>. The "
++"numerical value of the <replaceable>GID</replaceable> must be a non-negative "
++"decimal integer. This value must be unique, unless the <option>-o</option> "
++"option is used. Values between 0 and 999 are typically reserved for system "
++"groups. Any files which the old group ID is the file group ID must have the "
++"file group ID changed manually."
++msgstr ""
++
++#: groupmod.8.xml:63(term)
++msgid ""
++"<option>-n</option>, <option>--new-name</option><replaceable>NEW_GROUP</"
++"replaceable>"
++msgstr ""
++
++#: groupmod.8.xml:68(para)
++msgid ""
++"The name of the group will be changed from <replaceable>GROUP</replaceable> "
++"to <replaceable>NEW_GROUP</replaceable> name."
++msgstr ""
++
++#: groupmod.8.xml:79(para)
++msgid ""
++"When used with the <option>-g</option> option allow to change the group "
++"<replaceable>GID</replaceable> to non-unique value."
++msgstr ""
++
++#: groupmod.8.xml:144(para)
++msgid "group name already in use"
++msgstr ""
++
++#: groupmod.8.xml:108(para)
++#, fuzzy
++msgid ""
++"The <command>groupmod</command> command exits with the following values: "
++"<placeholder-1/>"
++msgstr ""
++"Der Befehl <command>passwd</command> gibt beim Beenden folgende Werte "
++"zurück: <placeholder-1/>"
++
++#: groupmod.8.xml:159(para)
++msgid ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++
++#: groupmems.8.xml:5(refentrytitle) groupmems.8.xml:10(refname)
++#: groupmems.8.xml:16(command)
++msgid "groupmems"
++msgstr "groupmems"
++
++#: groupmems.8.xml:11(refpurpose)
++msgid "administer members of a user's primary group"
++msgstr ""
++
++#: groupmems.8.xml:18(replaceable) groupmems.8.xml:19(replaceable)
++#: groupmems.8.xml:49(replaceable) groupmems.8.xml:55(replaceable)
++msgid "user_name"
++msgstr ""
++
++#: groupmems.8.xml:18(arg) gpasswd.1.xml:23(arg)
++msgid "-a <placeholder-1/>"
++msgstr "-a <placeholder-1/>"
++
++#: groupmems.8.xml:19(arg) gpasswd.1.xml:28(arg)
++msgid "-d <placeholder-1/>"
++msgstr "-d <placeholder-1/>"
++
++#: groupmems.8.xml:20(arg) groupmems.8.xml:75(option)
++msgid "-l"
++msgstr "-l"
++
++#: groupmems.8.xml:21(replaceable) groupmems.8.xml:67(replaceable)
++msgid "group_name"
++msgstr ""
++
++#: groupmems.8.xml:21(arg) groupadd.8.xml:18(arg)
++msgid "-g <placeholder-1/>"
++msgstr "-g <placeholder-1/>"
++
++#: groupmems.8.xml:28(para)
++msgid ""
++"The <command>groupmems</command> command allows a user to administer his/her "
++"own group membership list without the requirement of superuser privileges. "
++"The <command>groupmems</command> utility is for systems that configure its "
++"users to be in their own name sake primary group (i.e., guest / guest)."
++msgstr ""
++
++#: groupmems.8.xml:36(para)
++msgid ""
++"Only the superuser, as administrator, can use <command>groupmems</command> "
++"to alter the memberships of other groups."
++msgstr ""
++
++#: groupmems.8.xml:43(para)
++#, fuzzy
++msgid ""
++"The options which apply to the <command>groupmems</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: groupmems.8.xml:49(option)
++msgid "-a"
++msgstr "-a"
++
++#: groupmems.8.xml:51(para)
++msgid "Add a new user to the group membership list."
++msgstr ""
++
++#: groupmems.8.xml:55(option)
++msgid "-d"
++msgstr "-d"
++
++#: groupmems.8.xml:57(para)
++msgid "Delete a user from the group membership list."
++msgstr ""
++
++#: groupmems.8.xml:63(para)
++msgid "Purge all users from the group membership list."
++msgstr ""
++
++#: groupmems.8.xml:67(option) groupadd.8.xml:59(option)
++msgid "-g"
++msgstr "-g"
++
++#: groupmems.8.xml:69(para)
++msgid "The superuser can specify which group membership list to modify."
++msgstr ""
++
++#: groupmems.8.xml:77(para)
++msgid "List the group membership list."
++msgstr ""
++
++#: groupmems.8.xml:84(title)
++msgid "SETUP"
++msgstr ""
++
++#: groupmems.8.xml:85(para)
++msgid ""
++"The <command>groupmems</command> executable should be in mode <literal>2770</"
++"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
++"emphasis>. The system administrator can add users to group <emphasis>groups</"
++"emphasis> to allow or disallow them using the <command>groupmems</command> "
++"utility to manage their own group membership list."
++msgstr ""
++
++#: groupmems.8.xml:94(programlisting)
++#, no-wrap
++msgid ""
++"\n"
++"\t$ groupadd -r groups\n"
++"\t$ chmod 2770 groupmems\n"
++"\t$ chown root.groups groupmems\n"
++"\t$ groupmems -g groups -a gk4\n"
++"    "
++msgstr ""
++"\n"
++"\t$ groupadd -r groups\n"
++"\t$ chmod 2770 groupmems\n"
++"\t$ chown root.groups groupmems\n"
++"\t$ groupmems -g groups -a gk4\n"
++"    "
++
++# type: Plain text
++#: groupmems.8.xml:114(para)
++#, fuzzy
++msgid "secure group account information"
++msgstr "Verschlüsselte Informationen zu den Benutzerkonten."
++
++#: groupmems.8.xml:122(para)
++msgid ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>groupadd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>groupadd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++
++#: groupdel.8.xml:5(refentrytitle) groupdel.8.xml:10(refname)
++#: groupdel.8.xml:16(command)
++msgid "groupdel"
++msgstr "groupdel"
++
++#: groupdel.8.xml:11(refpurpose)
++msgid "delete a group"
++msgstr ""
++
++#: groupdel.8.xml:25(para)
++msgid ""
++"The <command>groupdel</command> command modifies the system account files, "
++"deleting all entries that refer to <emphasis remap=\"I\">group</emphasis>. "
++"The named group must exist."
++msgstr ""
++
++#: groupdel.8.xml:30(para)
++msgid ""
++"You must manually check all file systems to insure that no files remain with "
++"the named group as the file group ID."
++msgstr ""
++
++#: groupdel.8.xml:37(para)
++msgid ""
++"You may not remove the primary group of any existing user. You must remove "
++"the user before you remove the group."
++msgstr ""
++
++#: groupdel.8.xml:86(para)
++msgid "can't remove user's primary group"
++msgstr ""
++
++#: groupdel.8.xml:62(para)
++#, fuzzy
++msgid ""
++"The <command>groupdel</command> command exits with the following values: "
++"<placeholder-1/>"
++msgstr ""
++"Der Befehl <command>passwd</command> gibt beim Beenden folgende Werte "
++"zurück: <placeholder-1/>"
++
++#: groupdel.8.xml:101(para)
++msgid ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>"
++msgstr ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>"
++
++#: groupadd.8.xml:11(refpurpose)
++msgid "create a new group"
++msgstr ""
++
++#: groupadd.8.xml:18(replaceable) groupadd.8.xml:59(replaceable)
++msgid "GID"
++msgstr ""
++
++#: groupadd.8.xml:19(arg) groupadd.8.xml:100(option)
++msgid "-o"
++msgstr "-o"
++
++#: groupadd.8.xml:22(replaceable) groupadd.8.xml:79(replaceable)
++msgid "KEY"
++msgstr ""
++
++#: groupadd.8.xml:22(replaceable) groupadd.8.xml:79(replaceable)
++#, fuzzy
++msgid "VALUE"
++msgstr "RÜCKGABEWERTE"
++
++#: groupadd.8.xml:22(arg) groupadd.8.xml:79(option)
++msgid "-K <placeholder-1/>=<placeholder-2/>"
++msgstr "-K <placeholder-1/>=<placeholder-2/>"
++
++#: groupadd.8.xml:31(para)
++msgid ""
++"The <command>groupadd</command> command creates a new group account using "
++"the values specified on the command line and the default values from the "
++"system. The new group will be entered into the system files as needed."
++msgstr ""
++
++#: groupadd.8.xml:40(para)
++#, fuzzy
++msgid "The options which apply to the <command>groupadd</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: groupadd.8.xml:50(para)
++msgid ""
++"This option causes to just exit with success status if the specified group "
++"already exists. With <option>-g</option>, if specified GID already exists, "
++"other (unique) GID is chosen (i.e. <option>-g</option> is turned off)."
++msgstr ""
++
++#: groupadd.8.xml:62(para)
++msgid ""
++"The numerical value of the group's ID. This value must be unique, unless the "
++"<option>-o</option> option is used. The value must be non-negative. The "
++"default is to use the smallest ID value greater than 999 and greater than "
++"every other group. Values between 0 and 999 are typically reserved for "
++"system accounts."
++msgstr ""
++
++#: groupadd.8.xml:82(para)
++msgid ""
++"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
++"and others). Multiple <option>-K</option> options can be specified."
++msgstr ""
++
++#: groupadd.8.xml:87(para)
++msgid ""
++"Example: <option>-K </option><replaceable>GID_MIN</"
++"replaceable>=<replaceable>100</replaceable><option> -K </"
++"option><replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
++msgstr ""
++
++#: groupadd.8.xml:91(para)
++msgid ""
++"Note: <option>-K </option><replaceable>GID_MIN</"
++"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
++"replaceable>=<replaceable>499</replaceable> doesn't work yet."
++msgstr ""
++
++#: groupadd.8.xml:103(para)
++msgid "This option permits to add group with non-unique GID."
++msgstr ""
++
++#: groupadd.8.xml:137(para)
++msgid ""
++"Groupnames must begin with a lower case letter or an underscore, and only "
++"lower case letters, underscores, dashes, and dollar signs may follow. In "
++"regular expression terms: [a-z_][a-z0-9_-]*[$]"
++msgstr ""
++
++#: groupadd.8.xml:141(para) groupadd.8.xml:149(para)
++msgid "Groupnames may only be up to 16 characters long."
++msgstr ""
++
++#: groupadd.8.xml:143(para)
++msgid ""
++"If the groupname already exists in an external group database such as NIS, "
++"<command>groupadd</command> will deny the group creation request."
++msgstr ""
++
++#: groupadd.8.xml:179(para)
++msgid "GID not unique (when <option>-o</option> not used)"
++msgstr ""
++
++#: groupadd.8.xml:185(para)
++msgid "group name not unique"
++msgstr ""
++
++#: groupadd.8.xml:155(para)
++#, fuzzy
++msgid ""
++"The <command>groupadd</command> command exits with the following values: "
++"<placeholder-1/>"
++msgstr ""
++"Der Befehl <command>passwd</command> gibt beim Beenden folgende Werte "
++"zurück: <placeholder-1/>"
++
++#: groupadd.8.xml:200(para)
++msgid ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>chsh</"
++"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++
++#: gpasswd.1.xml:5(refentrytitle) gpasswd.1.xml:10(refname)
++#: gpasswd.1.xml:16(command) gpasswd.1.xml:22(command)
++#: gpasswd.1.xml:27(command) gpasswd.1.xml:32(command)
++#: gpasswd.1.xml:36(command) gpasswd.1.xml:40(command)
++msgid "gpasswd"
++msgstr "gpasswd"
++
++#: gpasswd.1.xml:11(refpurpose)
++msgid "administer the <placeholder-1/> file"
++msgstr ""
++
++#: gpasswd.1.xml:33(arg)
++msgid "-R <placeholder-1/>"
++msgstr "-R <placeholder-1/>"
++
++#: gpasswd.1.xml:41(replaceable) gpasswd.1.xml:42(replaceable)
++msgid "user,"
++msgstr ""
++
++#: gpasswd.1.xml:41(arg)
++msgid "-A <placeholder-1/>"
++msgstr "-A <placeholder-1/>"
++
++#: gpasswd.1.xml:42(arg)
++msgid "-M <placeholder-1/>"
++msgstr "-M <placeholder-1/>"
++
++#: gpasswd.1.xml:49(para)
++msgid ""
++"The <command>gpasswd</command> command is used to administer the <filename>/"
++"etc/group</filename> file (and <filename>/etc/gshadow</filename> file if "
++"compiled with SHADOWGRP defined). Every group can have administrators, "
++"members and a password. System administrator can use <option>-A</option> "
++"option to define group administrator(s) and <option>-M</option> option to "
++"define members and has all rights of group administrators and members."
++msgstr ""
++
++#: gpasswd.1.xml:60(title)
++#, fuzzy
++msgid "Notes about group passwords"
++msgstr "Hinweise zu Benutzerpasswörtern"
++
++#: gpasswd.1.xml:61(para)
++msgid ""
++"Group passwords are an inherent security problem since more than one person "
++"is permitted to know the password. However, groups are a useful tool for "
++"permitting co-operation between different users."
++msgstr ""
++
++#: gpasswd.1.xml:72(para)
++msgid ""
++"Group administrator can add and delete users using <option>-a</option> and "
++"<option>-d</option> options respectively. Administrators can use <option>-r</"
++"option> option to remove group password. When no password is set only group "
++"members can use <command>newgrp</command> to join the group. Option <option>-"
++"R</option> disables access via a password to the group through "
++"<command>newgrp</command> command (however members will still be able to "
++"switch to this group)."
++msgstr ""
++
++#: gpasswd.1.xml:82(para)
++msgid ""
++"<command>gpasswd</command> called by a group administrator with group name "
++"only prompts for the group password. If password is set the members can "
++"still <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
++"manvolnum></citerefentry> without a password, non-members must supply the "
++"password."
++msgstr ""
++
++#: gpasswd.1.xml:112(para)
++msgid ""
++"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gshadow</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>gshadow</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>."
++
++#: faillog.8.xml:5(refentrytitle) faillog.8.xml:10(refname)
++#: faillog.8.xml:16(command) faillog.5.xml:5(refentrytitle)
++#: faillog.5.xml:10(refname) faillog.5.xml:53(refentrytitle)
++msgid "faillog"
++msgstr "faillog"
++
++#: faillog.8.xml:11(refpurpose)
++msgid "display faillog records or set login failure limits"
++msgstr ""
++
++#: faillog.8.xml:25(para)
++msgid ""
++"<command>faillog</command> formats the contents of the failure log from "
++"<filename>/var/log/faillog</filename> database. It also can be used for "
++"maintains failure counters and limits. Run <command>faillog</command> "
++"without arguments display only list of user faillog records who have ever "
++"had a login failure."
++msgstr ""
++
++#: faillog.8.xml:36(para)
++#, fuzzy
++msgid "The options which apply to the <command>faillog</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: faillog.8.xml:44(para)
++msgid "Display faillog records for all users."
++msgstr ""
++
++#: faillog.8.xml:54(term)
++msgid ""
++"<option>-l</option>, <option>--lock-time</option><replaceable>SEC</"
++"replaceable>"
++msgstr ""
++
++#: faillog.8.xml:59(para)
++msgid ""
++"Lock account to <replaceable>SEC</replaceable> seconds after failed login."
++msgstr ""
++
++#: faillog.8.xml:66(term)
++msgid ""
++"<option>-m</option>, <option>--maximum</option><replaceable>MAX</replaceable>"
++msgstr ""
++
++#: faillog.8.xml:71(para)
++msgid ""
++"Set maximum number of login failures after the account is disabled to "
++"<replaceable>MAX</replaceable>. Selecting <replaceable>MAX</replaceable> "
++"value of 0 has the effect of not placing a limit on the number of failed "
++"logins. The maximum failure count should always be 0 for <emphasis>root</"
++"emphasis> to prevent a denial of services attack against the system."
++msgstr ""
++
++#: faillog.8.xml:82(term)
++msgid "<option>-r</option>, <option>--reset</option>"
++msgstr "<option>-r</option>, <option>--reset</option>"
++
++#: faillog.8.xml:84(para)
++msgid ""
++"Reset the counters of login failures or one record if used with the <option>-"
++"u</option><replaceable>LOGIN</replaceable> option. Write access to "
++"<filename>/var/log/faillog</filename> is required for this option."
++msgstr ""
++
++#: faillog.8.xml:97(para)
++msgid ""
++"Display faillog records more recent than <replaceable>DAYS</replaceable>. "
++"The <option>-t</option> flag overrides the use of <option>-u</option>."
++msgstr ""
++
++#: faillog.8.xml:109(para)
++msgid ""
++"Display faillog record or maintains failure counters and limits (if used "
++"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
++"options) only for user with <replaceable>LOGIN</replaceable>."
++msgstr ""
++
++#: faillog.8.xml:122(para)
++msgid ""
++"<command>faillog</command> only prints out users with no successful login "
++"since the last failure. To print out a user who has had a successful login "
++"since their last failure, you must explicitly request the user with the "
++"<option>-u</option> flag, or print out all users with the <option>-a</"
++"option> flag."
++msgstr ""
++
++#: faillog.8.xml:135(filename) faillog.5.xml:41(filename)
++msgid "/var/log/faillog"
++msgstr "/var/log/faillog"
++
++#: faillog.8.xml:137(para) faillog.5.xml:43(para)
++msgid "Failure logging file."
++msgstr ""
++
++#: faillog.8.xml:145(para)
++msgid ""
++"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>faillog</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
++msgstr ""
++
++#: faillog.5.xml:11(refpurpose)
++msgid "login failure logging file"
++msgstr ""
++
++#: faillog.5.xml:16(para)
++msgid ""
++"<filename>/var/log/faillog</filename> maintains a count of login failures "
++"and the limits for each account. The file is fixed length record, indexed by "
++"numerical UID. Each record contains the count of login failures since the "
++"last successful login; the maximum number of failures before the account is "
++"disabled; the line the last login failure occurred on; the date the last "
++"login failure occurred; and the time in seconds how long the account will be "
++"locked after a failure."
++msgstr ""
++
++#: faillog.5.xml:26(para)
++msgid "The structure of the file is:"
++msgstr ""
++
++#: faillog.5.xml:27(programlisting)
++#, no-wrap
++msgid ""
++"\n"
++"struct\tfaillog {\n"
++"\tshort   fail_cnt;\n"
++"\tshort   fail_max;\n"
++"\tchar    fail_line[12];\n"
++"\ttime_t  fail_time;\n"
++"\tlong    fail_locktime;\n"
++"};"
++msgstr ""
++"\n"
++"struct\tfaillog {\n"
++"\tshort   fail_cnt;\n"
++"\tshort   fail_max;\n"
++"\tchar    fail_line[12];\n"
++"\ttime_t  fail_time;\n"
++"\tlong    fail_locktime;\n"
++"};"
++
++#: expiry.1.xml:5(refentrytitle) expiry.1.xml:10(refname)
++#: expiry.1.xml:16(command)
++msgid "expiry"
++msgstr ""
++
++#: expiry.1.xml:11(refpurpose)
++msgid "check and enforce password expiration policy"
++msgstr ""
++
++#: expiry.1.xml:24(para)
++msgid ""
++"The <command>expiry</command> command checks (<option>-c</option>) the "
++"current password expiration and forces (<option>-f</option>) changes when "
++"required. It is callable as a normal user command."
++msgstr ""
++
++#: expiry.1.xml:51(para) chage.1.xml:233(para)
++msgid ""
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>shadow</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
++msgstr ""
++
++#: chsh.1.xml:11(refpurpose)
++msgid "change login shell"
++msgstr ""
++
++#: chsh.1.xml:28(para)
++msgid ""
++"The <command>chsh</command> command changes the user login shell. This "
++"determines the name of the user's initial login command. A normal user may "
++"only change the login shell for her own account, the superuser may change "
++"the login shell for any account."
++msgstr ""
++
++#: chsh.1.xml:39(para)
++#, fuzzy
++msgid "The options which apply to the <command>chsh</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: chsh.1.xml:61(para)
++msgid ""
++"If the <option>-s</option> option is not selected, <command>chsh</command> "
++"operates in an interactive fashion, prompting the user with the current "
++"login shell. Enter the new value to change the shell, or leave the line "
++"blank to use the current one. The current shell is displayed between a pair "
++"of <emphasis>[ ]</emphasis> marks."
++msgstr ""
++
++#: chsh.1.xml:72(para)
++msgid ""
++"The only restriction placed on the login shell is that the command name must "
++"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
++"superuser, and then any value may be added. An account with a restricted "
++"login shell may not change her login shell. For this reason, placing "
++"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
++"discouraged since accidentally changing to a restricted shell would prevent "
++"the user from ever changing her login shell back to its original value."
++msgstr ""
++
++#: chsh.1.xml:94(filename)
++msgid "/etc/shells"
++msgstr "/etc/shells"
++
++#: chsh.1.xml:96(para)
++msgid "List of valid login shells."
++msgstr ""
++
++#: chsh.1.xml:110(para)
++msgid ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>."
++
++#: chpasswd.8.xml:5(refentrytitle) chpasswd.8.xml:10(refname)
++#: chpasswd.8.xml:16(command)
++msgid "chpasswd"
++msgstr "chpasswd"
++
++#: chpasswd.8.xml:11(refpurpose)
++msgid "update passwords in batch mode"
++msgstr ""
++
++#: chpasswd.8.xml:25(para)
++msgid ""
++"The <command>chpasswd</command> command reads a list of user name and "
++"password pairs from standard input and uses this information to update a "
++"group of existing users. Each line is of the format:"
++msgstr ""
++
++#: chpasswd.8.xml:30(para)
++msgid ""
++"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
++"emphasis>"
++msgstr ""
++
++#: chpasswd.8.xml:34(para)
++msgid ""
++"By default the supplied password must be in clear-text. Default encryption "
++"algorithm is DES. Also the password age will be updated, if present."
++msgstr ""
++
++#: chpasswd.8.xml:39(para) chgpasswd.8.xml:38(para)
++msgid ""
++"This command is intended to be used in a large system environment where many "
++"accounts are created at a single time."
++msgstr ""
++
++#: chpasswd.8.xml:47(para)
++#, fuzzy
++msgid "The options which apply to the <command>chpasswd</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: chpasswd.8.xml:53(term) chgpasswd.8.xml:52(term)
++msgid "<option>-e</option>, <option>--encrypted</option>"
++msgstr ""
++
++#: chpasswd.8.xml:55(para) chgpasswd.8.xml:54(para)
++msgid "Supplied passwords are in encrypted form."
++msgstr ""
++
++#: chpasswd.8.xml:65(term) chgpasswd.8.xml:64(term)
++msgid "<option>-m</option>, <option>--md5</option>"
++msgstr ""
++
++#: chpasswd.8.xml:67(para) chgpasswd.8.xml:66(para)
++msgid ""
++"Use MD5 encryption instead of DES when the supplied passwords are not "
++"encrypted."
++msgstr ""
++
++#: chpasswd.8.xml:78(para) chgpasswd.8.xml:77(para)
++msgid ""
++"Remember to set permissions or umask to prevent readability of unencrypted "
++"files by other users."
++msgstr ""
++
++#: chpasswd.8.xml:86(para)
++msgid ""
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>newusers</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>newusers</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
++"manvolnum></citerefentry>."
++
++#: chgpasswd.8.xml:5(refentrytitle) chgpasswd.8.xml:10(refname)
++#: chgpasswd.8.xml:16(command)
++msgid "chgpasswd"
++msgstr "chgpasswd"
++
++#: chgpasswd.8.xml:11(refpurpose)
++msgid "update group passwords in batch mode"
++msgstr ""
++
++#: chgpasswd.8.xml:25(para)
++msgid ""
++"The <command>chgpasswd</command> command reads a list of group name and "
++"password pairs from standard input and uses this information to update a set "
++"of existing groups. Each line is of the format:"
++msgstr ""
++
++#: chgpasswd.8.xml:30(para)
++msgid ""
++"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
++"emphasis>"
++msgstr ""
++
++#: chgpasswd.8.xml:34(para)
++msgid ""
++"By default the supplied password must be in clear-text. Default encryption "
++"algorithm is DES."
++msgstr ""
++
++#: chgpasswd.8.xml:46(para)
++#, fuzzy
++msgid ""
++"The options which apply to the <command>chgpasswd</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: chgpasswd.8.xml:85(para)
++msgid ""
++"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
++"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
++"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
++
++# type: Plain text
++#: chfn.1.xml:11(refpurpose)
++#, fuzzy
++msgid "change real user name and information"
++msgstr "Verschlüsselte Informationen zu den Benutzerkonten."
++
++#: chfn.1.xml:17(replaceable)
++msgid "full_name"
++msgstr ""
++
++#: chfn.1.xml:18(replaceable)
++msgid "room_no"
++msgstr ""
++
++#: chfn.1.xml:19(replaceable)
++msgid "work_ph"
++msgstr ""
++
++#: chfn.1.xml:19(arg)
++msgid "-w <placeholder-1/>"
++msgstr ""
++
++#: chfn.1.xml:20(replaceable)
++msgid "home_ph"
++msgstr ""
++
++#: chfn.1.xml:21(replaceable)
++msgid "other"
++msgstr ""
++
++#: chfn.1.xml:21(arg)
++msgid "-o <placeholder-1/>"
++msgstr "-o <placeholder-1/>"
++
++#: chfn.1.xml:28(para)
++msgid ""
++"The <command>chfn</command> command changes user fullname, office number, "
++"office extension, and home phone number information for a user's account. "
++"This information is typically printed by "
++"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry> and similar programs. A normal user may only change the fields "
++"for her own account, subject to the restrictions in <filename>/etc/login."
++"defs</filename>. (The default configuration is to prevent users from "
++"changing their fullname.) The superuser may change any field for any "
++"account. Additionally, only the superuser may use the <option>-o</option> "
++"option to change the undefined portions of the GECOS field."
++msgstr ""
++
++#: chfn.1.xml:42(para)
++msgid ""
++"The only restriction placed on the contents of the fields is that no control "
++"characters may be present, nor any of comma, colon, or equal sign. The "
++"<emphasis remap=\"I\">other</emphasis> field does not have this restriction, "
++"and is used to store accounting information used by other applications."
++msgstr ""
++
++#: chfn.1.xml:49(para)
++msgid ""
++"If none of the options are selected, <command>chfn</command> operates in an "
++"interactive fashion, prompting the user with the current values for all of "
++"the fields. Enter the new value to change the field, or leave the line blank "
++"to use the current value. The current value is displayed between a pair of "
++"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
++"command> prompts for the current user account."
++msgstr ""
++
++#: chfn.1.xml:79(para)
++msgid ""
++"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>."
++msgstr ""
++"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
++"citerefentry>, <citerefentry><refentrytitle>login.defs</"
++"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
++"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
++"citerefentry>."
++
++#: chage.1.xml:5(refentrytitle) chage.1.xml:10(refname)
++#: chage.1.xml:15(command)
++msgid "chage"
++msgstr "chage"
++
++#: chage.1.xml:11(refpurpose)
++#, fuzzy
++msgid "change user password expiry information"
++msgstr "ändert das Passwort eines Benutzers"
++
++#: chage.1.xml:27(para)
++msgid ""
++"The <command>chage</command> command changes the number of days between "
++"password changes and the date of the last password change. This information "
++"is used by the system to determine when a user must change his/her password."
++msgstr ""
++
++#: chage.1.xml:37(para)
++#, fuzzy
++msgid "The options which apply to the <command>chage</command> command are:"
++msgstr ""
++"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
++"sind:"
++
++#: chage.1.xml:42(term)
++msgid ""
++"<option>-d</option>, <option>--lastday</option><replaceable>LAST_DAY</"
++"replaceable>"
++msgstr ""
++
++#: chage.1.xml:46(para)
++msgid ""
++"Set the number of days since January 1st, 1970 when the password was last "
++"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
++"format more commonly used in your area)."
++msgstr ""
++
++#: chage.1.xml:54(term)
++msgid ""
++"<option>-E</option>, <option>--expiredate</option><replaceable>EXPIRE_DATE</"
++"replaceable>"
++msgstr ""
++
++#: chage.1.xml:58(para)
++msgid ""
++"Set the date or number of days since January 1, 1970 on which the user's "
++"account will no longer be accessible. The date may also be expressed in the "
++"format YYYY-MM-DD (or the format more commonly used in your area). A user "
++"whose account is locked must contact the system administrator before being "
++"able to use the system again."
++msgstr ""
++
++#: chage.1.xml:66(para)
++msgid ""
++"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
++"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
++"date."
++msgstr ""
++
++#: chage.1.xml:80(term)
++msgid ""
++"<option>-I</option>, <option>--inactive</option><replaceable>INACTIVE</"
++"replaceable>"
++msgstr ""
++
++#: chage.1.xml:84(para)
++#, fuzzy
++msgid ""
++"Set the number of days of inactivity after a password has expired before the "
++"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
++"number of days of inactivity. A user whose account is locked must contact "
++"the system administrator before being able to use the system again."
++msgstr ""
++"Legt die Anzahl der Tage fest, an denen der Benutzer eine Warnung erhält, "
++"bevor sein Passwort ungültig wird. Die Option <replaceable>WARN_TAGE</"
++"replaceable> bezeichnet die Anzahl der Tage, für die ein Benutzer vor "
++"Verfall seines Passworts gewarnt wird."
++
++#: chage.1.xml:91(para)
++msgid ""
++"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
++"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
++msgstr ""
++
++#: chage.1.xml:99(term)
++msgid "<option>-l</option>, <option>--list</option>"
++msgstr ""
++
++#: chage.1.xml:103(para)
++#, fuzzy
++msgid "Show account aging information."
++msgstr "Informationen zu den Benutzerkonten."
++
++#: chage.1.xml:121(term)
++msgid ""
++"<option>-M</option>, <option>--maxdays</option><replaceable>MAX_DAYS</"
++"replaceable>"
++msgstr ""
++
++#: chage.1.xml:125(para)
++msgid ""
++"Set the maximum number of days during which a password is valid. When "
++"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
++"is less than the current day, the user will be required to change his/her "
++"password before being able to use his/her account. This occurrence can be "
++"planned for in advance by use of the <option>-W</option> option, which "
++"provides the user with advance warning."
++msgstr ""
++
++#: chage.1.xml:134(para)
++msgid ""
++"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
++"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
++"validity."
++msgstr ""
++
++#: chage.1.xml:142(term)
++msgid ""
++"<option>-W</option>, <option>--warndays</option><replaceable>WARN_DAYS</"
++"replaceable>"
++msgstr ""
++
++#: chage.1.xml:146(para)
++#, fuzzy
++msgid ""
++"Set the number of days of warning before a password change is required. The "
++"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
++"the password expiring that a user will be warned his/her password is about "
++"to expire."
++msgstr ""
++"Legt die Anzahl der Tage fest, an denen der Benutzer eine Warnung erhält, "
++"bevor sein Passwort ungültig wird. Die Option <replaceable>WARN_TAGE</"
++"replaceable> bezeichnet die Anzahl der Tage, für die ein Benutzer vor "
++"Verfall seines Passworts gewarnt wird."
++
++#: chage.1.xml:155(para)
++msgid ""
++"If none of the options are selected, <command>chage</command> operates in an "
++"interactive fashion, prompting the user with the current values for all of "
++"the fields. Enter the new value to change the field, or leave the line blank "
++"to use the current value. The current value is displayed between a pair of "
++"<emphasis>[ ]</emphasis> marks."
++msgstr ""
++
++#: chage.1.xml:165(para)
++msgid ""
++"The <command>chage</command> program requires a shadow password file to be "
++"available."
++msgstr ""
++
++#: chage.1.xml:169(para)
++msgid ""
++"The <command>chage</command> command is restricted to the root user, except "
++"for the <option>-l</option> option, which may be used by an unprivileged "
++"user to determine when his/her password or account is due to expire."
++msgstr ""
++
++#: chage.1.xml:222(replaceable)
++msgid "15"
++msgstr ""
++
++#: chage.1.xml:224(para)
++msgid "can't find the shadow password file"
++msgstr ""
++
++#: chage.1.xml:200(para)
++#, fuzzy
++msgid ""
++"The <command>chage</command> command exits with the following values: "
++"<placeholder-1/>"
++msgstr ""
++"Der Befehl <command>passwd</command> gibt beim Beenden folgende Werte "
++"zurück: <placeholder-1/>"
++
++#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2.
++#: chage.1.xml:0(None)
++msgid "translator-credits"
++msgstr "Simon Brandmair (sbrandmair@gmx.net), 2005, 2006."
--- shadow-4.0.18.1.orig/debian/patches/405_su_no_pam_end_before_exec
+++ shadow-4.0.18.1/debian/patches/405_su_no_pam_end_before_exec
@@ -0,0 +1,29 @@
+Goal: Avoid terminating the PAM library in the forked child. This is done
+      later in the parent after closing the PAM session.
+
+Note: OR'ing the status with PAM_DATA_SILENT should be sufficient, but it
+is not supported by some modules, and the pam_end is not strictly needed
+anyway.
+
+Fixes: #412061
+
+Status wrt upstream: not reported yet.
+
+Index: shadow-4.0.18.1/src/su.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/su.c	2007-02-25 14:22:54.000000000 +0100
++++ shadow-4.0.18.1/src/su.c	2007-02-25 14:29:01.000000000 +0100
+@@ -197,7 +197,12 @@
+ 
+ 	child = fork ();
+ 	if (child == 0) {	/* child shell */
+-		pam_end (pamh, PAM_SUCCESS);
++		/*
++		 * PAM_DATA_SILENT is not supported by some modules, and
++		 * there is no strong need to clean up the process space's
++		 * memory since we will either call exec or exit.
++		pam_end (pamh, PAM_SUCCESS | PAM_DATA_SILENT);
++		 */
+ 
+ 		if (doshell)
+ 			(void) shell (shellstr, (char *) args[0], envp);
--- shadow-4.0.18.1.orig/debian/patches/495_salt_stack_smash
+++ shadow-4.0.18.1/debian/patches/495_salt_stack_smash
@@ -0,0 +1,87 @@
+Goal: Do not break chpasswd/chgpasswd if compiled with
+      SSP (the -fstack-protector option in gcc 4.1) by fixing an
+      overflow in the 'salt' array
+
+Fix: #377825
+
+Author: Colin Watson <cjwatson@debian.org>
+
+Status wrt upstream: reported, not applied yet
+
+Index: shadow-4.0.18.1/libmisc/salt.c
+===================================================================
+--- shadow-4.0.18.1.orig/libmisc/salt.c	2006-09-17 12:17:58.260039514 +0200
++++ shadow-4.0.18.1/libmisc/salt.c	2006-09-17 12:18:13.948164248 +0200
+@@ -25,11 +25,13 @@
+ {
+ 	struct timeval tv;
+ 	static char result[40];
++	int max_salt_len = 8;
+ 
+ 	result[0] = '\0';
+ #ifndef USE_PAM
+ 	if (getdef_bool ("MD5_CRYPT_ENAB")) {
+ 		strcpy (result, "$1$");	/* magic for the new MD5 crypt() */
++		max_salt_len += 3;
+ 	}
+ #endif
+ 
+@@ -40,8 +42,8 @@
+ 	strcat (result, l64a (tv.tv_usec));
+ 	strcat (result, l64a (tv.tv_sec + getpid () + clock ()));
+ 
+-	if (strlen (result) > 3 + 8)	/* magic+salt */
+-		result[11] = '\0';
++	if (strlen (result) > max_salt_len)
++		result[max_salt_len] = '\0';
+ 
+ 	return result;
+ }
+Index: shadow-4.0.18.1/src/chgpasswd.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/chgpasswd.c	2006-09-17 12:17:58.260039514 +0200
++++ shadow-4.0.18.1/src/chgpasswd.c	2006-09-17 12:18:13.952164280 +0200
+@@ -244,10 +244,16 @@
+ 		newpwd = cp;
+ 		if (!eflg) {
+ 			if (md5flg) {
+-				char salt[12] = "$1$";
++				char md5salt[12] = "$1$";
++				char *salt = crypt_make_salt ();
+ 
+-				strcat (salt, crypt_make_salt ());
+-				cp = pw_encrypt (newpwd, salt);
++				if (strncmp (salt, "$1$", 3) == 0) {
++					strncat (md5salt, salt, 11);
++				} else {
++					strcat (md5salt, "$1$");
++					strncat (md5salt, salt, 8);
++				}
++				cp = pw_encrypt (newpwd, md5salt);
+ 			} else
+ 				cp = pw_encrypt (newpwd, crypt_make_salt ());
+ 		}
+Index: shadow-4.0.18.1/src/chpasswd.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/chpasswd.c	2006-09-17 12:17:58.228039259 +0200
++++ shadow-4.0.18.1/src/chpasswd.c	2006-09-17 12:18:13.972164439 +0200
+@@ -240,10 +240,16 @@
+ 		newpwd = cp;
+ 		if (!eflg) {
+ 			if (md5flg) {
+-				char salt[12] = "$1$";
++				char md5salt[12] = "";
++				char *salt = crypt_make_salt ();
+ 
+-				strcat (salt, crypt_make_salt ());
+-				cp = pw_encrypt (newpwd, salt);
++				if (strncmp (salt, "$1$", 3) == 0) {
++					strncat (md5salt, salt, 11);
++				} else {
++					strcat (md5salt, "$1$");
++					strncat (md5salt, salt, 8);
++				}
++				cp = pw_encrypt (newpwd, md5salt);
+ 			} else
+ 				cp = pw_encrypt (newpwd, crypt_make_salt ());
+ 		}
--- shadow-4.0.18.1.orig/debian/patches/497_newgrp_primary_group
+++ shadow-4.0.18.1/debian/patches/497_newgrp_primary_group
@@ -0,0 +1,24 @@
+Goal: Do not request a password when a user uses newgrp to switch to her
+      primary group.
+
+Fixes: #396691
+
+Status wrt upstream: not forwarded yet.
+
+Index: shadow-4.0.18.1/src/newgrp.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/newgrp.c	2007-04-15 15:25:01.000000000 +0200
++++ shadow-4.0.18.1/src/newgrp.c	2007-04-15 15:34:01.000000000 +0200
+@@ -357,6 +357,12 @@
+ 		needspasswd = 1;
+ 
+ 	/*
++	 * If it's her primary group, do not request a password.
++	 */
++	if (grp->gr_gid == pwd->pw_gid)
++		needspasswd = 0;
++
++	/*
+ 	 * If she does not have either a shadowed password, or a regular
+ 	 * password, and the group has a password, she needs to give the
+ 	 * group password.
--- shadow-4.0.18.1.orig/debian/patches/467_useradd_-r_LSB
+++ shadow-4.0.18.1/debian/patches/467_useradd_-r_LSB
@@ -0,0 +1,140 @@
+Goal: Add a "-r" option to useradd
+
+Fixes: #333706
+
+Status wrt upstream: Forwarded but not applied yet. Not sure that upstream
+                     is really ready to apply it. We apply it anyway because 
+                     LSB compliance is important for Debian
+
+Index: shadow-4.0.18.1/src/useradd.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/useradd.c	2006-09-17 12:18:01.140062412 +0200
++++ shadow-4.0.18.1/src/useradd.c	2006-09-17 12:18:05.004093135 +0200
+@@ -127,6 +127,7 @@
+     mflg = 0,			/* create user's home directory if it doesn't exist */
+     nflg = 0,			/* create a group having the same name as the user */
+     oflg = 0,			/* permit non-unique user ID to be specified with -u */
++    rflg = 0,			/* create a system account (LSB compliance) */
+     sflg = 0,			/* shell program for new account */
+     uflg = 0;			/* specify user ID for new account */
+ 
+@@ -638,6 +639,7 @@
+ 			   "				(non-unique) UID\n"
+ 			   "  -p, --password PASSWORD	use encrypted password for the new user\n"
+ 			   "				account\n"
++			   "  -r, --system			create a system account\n"
+ 			   "  -s, --shell SHELL		the login shell for the new user account\n"
+ 			   "  -u, --uid UID			force use the UID for the new user account\n"
+ 			   "\n"));
+@@ -686,11 +688,19 @@
+ 	spent->sp_namp = (char *) user_name;
+ 	spent->sp_pwdp = (char *) user_pass;
+ 	spent->sp_lstchg = time ((time_t *) 0) / SCALE;
+-	spent->sp_min = scale_age (getdef_num ("PASS_MIN_DAYS", -1));
+-	spent->sp_max = scale_age (getdef_num ("PASS_MAX_DAYS", -1));
+-	spent->sp_warn = scale_age (getdef_num ("PASS_WARN_AGE", -1));
+-	spent->sp_inact = scale_age (def_inactive);
+-	spent->sp_expire = scale_age (user_expire);
++	if (!rflg) {
++		spent->sp_min = scale_age (getdef_num ("PASS_MIN_DAYS", -1));
++		spent->sp_max = scale_age (getdef_num ("PASS_MAX_DAYS", -1));
++		spent->sp_warn = scale_age (getdef_num ("PASS_WARN_AGE", -1));
++		spent->sp_inact = scale_age (def_inactive);
++		spent->sp_expire = scale_age (user_expire);
++        } else {
++		spent->sp_min = scale_age(-1);
++		spent->sp_max = scale_age(-1);
++		spent->sp_warn = scale_age(-1);
++		spent->sp_inact = scale_age(-1);
++		spent->sp_expire = scale_age(-1);
++	}
+ 	spent->sp_flag = -1;
+ }
+ 
+@@ -838,8 +848,13 @@
+ 	const struct passwd *pwd;
+ 	uid_t uid_min, uid_max;
+ 
+-	uid_min = getdef_unum ("UID_MIN", 1000);
+-	uid_max = getdef_unum ("UID_MAX", 60000);
++	if (!rflg) {
++		uid_min = getdef_unum ("UID_MIN", 1000);
++		uid_max = getdef_unum ("UID_MAX", 60000);
++	} else {
++		uid_min = 1;
++		uid_max = getdef_unum ("UID_MIN", 1000) - 1;
++	}
+ 
+ 	/*
+ 	 * Start with some UID value if the user didn't provide us with
+@@ -1018,12 +1033,13 @@
+ 			{"create-home", no_argument, NULL, 'm'},
+ 			{"non-unique", no_argument, NULL, 'o'},
+ 			{"password", required_argument, NULL, 'p'},
++			{"system", no_argument, NULL, 'r'},
+ 			{"shell", required_argument, NULL, 's'},
+ 			{"uid", required_argument, NULL, 'u'},
+ 			{NULL, 0, NULL, '\0'}
+ 		};
+ 		while ((c =
+-			getopt_long (argc, argv, "b:c:d:De:f:g:G:k:O:K:mMop:s:u:",
++			getopt_long (argc, argv, "b:c:d:De:f:g:G:k:O:K:mMop:rs:u:",
+ 				     long_options, NULL)) != -1) {
+ 			switch (c) {
+ 			case 'b':
+@@ -1177,6 +1193,9 @@
+ 				}
+ 				user_pass = optarg;
+ 				break;
++			case 'r':
++				rflg++;
++				break;
+ 			case 's':
+ 				if (!VALID (optarg)
+ 				    || (optarg[0]
+@@ -1569,24 +1588,27 @@
+  */
+ static void create_home (void)
+ {
+-	if (access (user_home, F_OK)) {
+-		/* XXX - create missing parent directories.  --marekm */
+-		if (mkdir (user_home, 0)) {
+-			fprintf (stderr,
+-				 _
+-				 ("%s: cannot create directory %s\n"),
+-				 Prog, user_home);
+-			fail_exit (E_HOMEDIR);
+-		}
+-		chown (user_home, user_id, user_gid);
+-		chmod (user_home,
+-		       0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
+-		home_added++;
+-#ifdef WITH_AUDIT
+-		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+-			      "adding home directory", user_name, user_id, 1);
+-#endif
+-	}
++  if (!rflg) { /* for system accounts defaults are ignored and we
++		    * do not create a home dir -- gafton */
++		if (access (user_home, F_OK)) {
++			/* XXX - create missing parent directories.  --marekm */
++			if (mkdir (user_home, 0)) {
++				fprintf (stderr,
++					 _
++				 	("%s: cannot create directory %s\n"),
++				 	Prog, user_home);
++				fail_exit (E_HOMEDIR);
++			}
++			chown (user_home, user_id, user_gid);
++			chmod (user_home,
++			       0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
++			home_added++;
++  #ifdef WITH_AUDIT
++			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
++  			      "adding home directory", user_name, user_id, 1);
++  #endif
++		}
++  }
+ }
+ 
+ /*
--- shadow-4.0.18.1.orig/debian/patches/468_duplicate_passwd_struct_before_usage
+++ shadow-4.0.18.1/debian/patches/468_duplicate_passwd_struct_before_usage
@@ -0,0 +1,61 @@
+Goal:
+   The getpwnam man page specifies:
+
+       The getpwnam() and getpwuid() functions return a pointer  to  a  passwd
+       structure,  or  NULL  if  the  matching  entry is not found or an error
+       occurs.  If an error occurs, errno is set appropriately.  If one  wants
+       to  check  errno  after  the  call, it should be set to zero before the
+       call.
+
+       The return value may point to static area, and may  be  overwritten  by
+       subsequent calls to getpwent(), getpwnam(), or getpwuid().
+
+   There is no garranty that a PAM module will not use one of these
+   functions.  (This is the case of pam_unix in PAM 0.76)
+   So the structure must be duplicated before being used (there are call
+   to PAM between the call to getpwnam and the usage of the passwd
+   structure).
+
+   In the GNU libc, only a call to the same function (getpwent(),
+   getpwnam(), or getpwuid()) overrides the static area.
+
+   This patch should fix this kind of issues for the GNU libc. However,
+   getpwuid is often called after the call to getpwnam in shaow. I did not
+   checked if there may be an issue for non-GNU libc.
+
+Fixes: #341230
+
+Status wrt upstream: 
+
+Index: shadow-4.0.18.1/src/chfn.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/chfn.c	2006-05-07 19:44:39.000000000 +0200
++++ shadow-4.0.18.1/src/chfn.c	2006-09-17 12:18:06.364103948 +0200
+@@ -334,6 +334,11 @@
+ 		}
+ 		user = xstrdup (pw->pw_name);
+ 	}
++	pw = __pw_dup(pw);
++	if (!pw) {
++		fprintf (stderr, _("%s: out of memory\n"), Prog);
++		exit (E_NOPERM);
++	}
+ 
+ #ifdef	USE_NIS
+ 	/*
+Index: shadow-4.0.18.1/src/chsh.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/chsh.c	2006-07-13 23:26:35.000000000 +0200
++++ shadow-4.0.18.1/src/chsh.c	2006-09-17 12:18:06.368103980 +0200
+@@ -265,6 +265,11 @@
+ 		}
+ 		user = xstrdup (pw->pw_name);
+ 	}
++	pw = __pw_dup(pw);
++	if (!pw) {
++		fprintf (stderr, _("%s: out of memory\n"), Prog);
++		exit (1);
++	}
+ 
+ #ifdef	USE_NIS
+ 	/*
--- shadow-4.0.18.1.orig/debian/patches/487_passwd_chauthtok_failed_message
+++ shadow-4.0.18.1/debian/patches/487_passwd_chauthtok_failed_message
@@ -0,0 +1,20 @@
+Goal: Be more verbose and indicate that the password was not changed when
+      pam_chauthtok fails (in addition to the PAM error, which may not be
+      comprehensible for the users)
+
+Fixes: #352137
+
+Status wrt upstream: not forwarded yet
+
+Index: shadow-4.0.18.1/libmisc/pam_pass.c
+===================================================================
+--- shadow-4.0.18.1.orig/libmisc/pam_pass.c	2005-10-19 17:21:07.000000000 +0200
++++ shadow-4.0.18.1/libmisc/pam_pass.c	2006-09-17 12:18:12.028148982 +0200
+@@ -38,6 +38,7 @@
+ 	ret = pam_chauthtok (pamh, flags);
+ 	if (ret != PAM_SUCCESS) {
+ 		fprintf (stderr, _("passwd: %s\n"), pam_strerror (pamh, ret));
++		fprintf (stderr, _("passwd: password unchanged\n"));
+ 		pam_end (pamh, ret);
+ 		exit (10);	/* XXX */
+ 	}
--- shadow-4.0.18.1.orig/debian/patches/433_shadow.5-typo_312430
+++ shadow-4.0.18.1/debian/patches/433_shadow.5-typo_312430
@@ -0,0 +1,18 @@
+Goal: fix typo
+Fixes:
+
+Status wrt upstream: Forwarded but not applied yet
+
+Index: shadow-4.0.18.1/man/shadow.5.xml
+===================================================================
+--- shadow-4.0.18.1.orig/man/shadow.5.xml	2006-07-24 07:48:36.000000000 +0200
++++ shadow-4.0.18.1/man/shadow.5.xml	2006-09-17 12:17:56.912028796 +0200
+@@ -50,7 +50,7 @@
+ 
+     <para>
+       The password field must be filled. The encrypted password consists of
+-      13 to 24 characters from the 64 characters alphabet a thru z, A thru
++      13 to 24 characters from the 64 character alphabet a thru z, A thru
+       Z, 0 thru 9, \. and /. Optionally it can start with a "$" character.
+       This means the encrypted password was generated using another (not
+       DES) algorithm. For example if it starts with "$1$" it means the
--- shadow-4.0.18.1.orig/debian/patches/592_manpages_typos
+++ shadow-4.0.18.1/debian/patches/592_manpages_typos
@@ -0,0 +1,36 @@
+Goal: fix some typos in the XML manpages.
+
+Fixes: #352135, 369806
+
+Status wrt upstream: Debian specific.
+
+It is probably a bug of docbook-xsl 1.68.1-0.1
+
+Index: shadow-4.0.18.1/man/passwd.1.xml
+===================================================================
+--- shadow-4.0.18.1.orig/man/passwd.1.xml	2006-07-24 07:48:36.000000000 +0200
++++ shadow-4.0.18.1/man/passwd.1.xml	2006-09-17 12:18:10.728138646 +0200
+@@ -87,8 +87,8 @@
+       <title>Hints for user passwords</title>
+       <para>
+ 	The security of a password depends upon the strength of the
+-	encryption algorithm and the size of the key space. The
+-	<emphasis>UNIX</emphasis> System encryption method is based on the
++	encryption algorithm and the size of the key space.
++	The <emphasis>UNIX</emphasis> System encryption method is based on the
+ 	NBS DES algorithm and is very secure. The size of the key space
+ 	depends upon the randomness of the password which is selected.
+       </para>
+Index: shadow-4.0.18.1/man/useradd.8.xml
+===================================================================
+--- shadow-4.0.18.1.orig/man/useradd.8.xml	2006-09-17 12:18:01.136062380 +0200
++++ shadow-4.0.18.1/man/useradd.8.xml	2006-09-17 12:18:10.728138646 +0200
+@@ -35,7 +35,7 @@
+     <title>DESCRIPTION</title>
+       <para>
+ 	When invoked without the <option>-D</option> option, the
+-	<command>useradd</command> command creates a new user account using
++	 <command>useradd</command> command creates a new user account using
+ 	the values specified on the command line and the default values from
+ 	the system. Depending on command line options, the useradd command
+ 	will update system files and may also create the new user's home
--- shadow-4.0.18.1.orig/debian/patches/406_vipw_resume_properly
+++ shadow-4.0.18.1/debian/patches/406_vipw_resume_properly
@@ -0,0 +1,21 @@
+Goal: Resume properly after ^Z
+
+Fix: #414542
+
+Author: dean gaudet <dean@arctic.org>
+
+Status wrt upstream: should be forwarded
+
+Index: shadow-4.0.18.1/src/vipw.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/vipw.c	2007-04-15 14:10:37.522147236 +0200
++++ shadow-4.0.18.1/src/vipw.c	2007-04-15 14:11:09.146401712 +0200
+@@ -208,7 +208,7 @@
+ 		pid = waitpid (pid, &status, WUNTRACED);
+ 		if (WIFSTOPPED (status)) {
+ 			kill (getpid (), SIGSTOP);
+-			kill (getpid (), SIGCONT);
++			kill (pid, SIGCONT);
+ 		} else
+ 			break;
+ 	}
--- shadow-4.0.18.1.orig/debian/patches/series
+++ shadow-4.0.18.1/debian/patches/series
@@ -0,0 +1,56 @@
+503_shadowconfig.8
+431_su_uid_0_not_root
+008_su_no_sanitize_env
+008_su_get_PAM_username
+428_grpck_add_prune_option
+434_login_stop_checking_args_after--
+008_login_log_failure_in_FTMP
+429_login_FAILLOG_ENAB
+438_su_GNU_origin
+#
+# 419_time_structures.dpatch  # must be checked another time
+433_shadow.5-typo_312430
+401_cppw_src.dpatch
+504_undef_USE_PAM.dpatch
+504_undef_USE_PAM.nolibpam
+506_relaxed_usernames
+507_32char_grnames.dpatch
+542_useradd-O_option
+451_login_PATH
+454_userdel_no_MAIL_FILE
+501_commonio_group_shadow
+462_warn_to_edit_shadow
+463_login_delay_obeys_to_PAM
+467_useradd_-r_LSB
+466_fflush-prompt
+468_duplicate_passwd_struct_before_usage
+523_su_arguments_are_concatenated
+523_su_arguments_are_no_more_concatenated_by_default
+479_chowntty_debug
+480_getopt_args_reorder
+483_su_fakelogin_wrong_arg0
+491_configure.in_friendly_selinux_detection
+592_manpages_typos
+402-clarify_usermod_usage
+487_passwd_chauthtok_failed_message
+403_fix_PATH-MAX_hurd
+508_nologin_in_usr_sbin
+495_salt_stack_smash
+496_login_init_session
+397_non_numerical_identifier
+498_man_nonpam_undefined
+301_passwd-typo-383216
+101_ja
+499_gettext-0.15
+102_de-fix-sorry
+404_man-fr
+103_man-de
+104_man-sv
+405_su_no_pam_end_before_exec
+493_pwck_no_SHADOWPWD
+505_useradd_recommend_adduser
+406_vipw_resume_properly
+497_newgrp_primary_group
+407_adduser_disable_PUG_with-n
+408_passwd_check_arguments
+409_man_generate_from_PO
--- shadow-4.0.18.1.orig/debian/patches/397_non_numerical_identifier
+++ shadow-4.0.18.1/debian/patches/397_non_numerical_identifier
@@ -0,0 +1,43 @@
+Goal: allow non numerical group identifier to be specified with useradd's
+      and usermod's -g options
+
+Fixes: #381394, #381399, #381404, #381408, #381448
+
+Status wrt upstream: Applied in CVS
+
+Index: shadow-4.0.18.1/src/useradd.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/useradd.c	2006-09-17 12:25:16.499523435 +0200
++++ shadow-4.0.18.1/src/useradd.c	2006-09-17 12:25:28.379617865 +0200
+@@ -206,11 +206,8 @@
+ 	char *errptr;
+ 
+ 	gid = strtol (grname, &errptr, 10);
+-	if (*errptr || errno == ERANGE || gid < 0) {
+-		fprintf (stderr,
+-			 _("%s: invalid numeric argument '%s'\n"), Prog, grname);
+-		exit (E_BAD_ARG);
+-	}
++	if (*grname != '\0' && *errptr == '\0' && errno != ERANGE && gid >= 0)
++		return getgrgid (gid);
+ 	return getgrnam (grname);
+ }
+ 
+Index: shadow-4.0.18.1/src/usermod.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/usermod.c	2006-09-17 12:25:24.475586833 +0200
++++ shadow-4.0.18.1/src/usermod.c	2006-09-17 12:25:28.383617897 +0200
+@@ -167,11 +167,8 @@
+ 	char *errptr;
+ 
+ 	val = strtol (grname, &errptr, 10);
+-	if (*errptr || errno == ERANGE || val < 0) {
+-		fprintf (stderr, _("%s: invalid numeric argument '%s'\n"), Prog,
+-			 grname);
+-		exit (E_BAD_ARG);
+-	}
++	if (*grname != '\0' && *errptr == '\0' && errno != ERANGE && val >= 0)
++		return getgrgid (val);
+ 	return getgrnam (grname);
+ }
+ 
--- shadow-4.0.18.1.orig/debian/patches/403_fix_PATH-MAX_hurd
+++ shadow-4.0.18.1/debian/patches/403_fix_PATH-MAX_hurd
@@ -0,0 +1,46 @@
+Goal: Fix FTBFS on Hurd because PATH-MAX is undefined
+
+Fix: #372155
+
+Author: Michael Banck  <mbanck@debian.org>
+
+Status wrt upstream: should be forwarded
+
+Index: shadow-4.0.18.1/lib/commonio.c
+===================================================================
+--- shadow-4.0.18.1/lib/commonio.c.orig	2006-12-07 06:57:01.000000000 +0000
++++ shadow-4.0.18.1/lib/commonio.c	2006-12-07 06:57:40.000000000 +0000
+@@ -46,17 +47,31 @@
+ int lrename (const char *old, const char *new)
+ {
+ 
++#ifdef PATH_MAX
+ 	char resolved_path[PATH_MAX];
++#endif
++	char *r;
+ 	int res;
+ 
+ #if defined(S_ISLNK)
+ 	struct stat sb = { 0 };
+ 	if (lstat (new, &sb) == 0 && S_ISLNK (sb.st_mode)) {
+-		if (realpath (new, resolved_path) == NULL) {
++#ifndef PATH_MAX
++		r = realpath (new, NULL);
++#else
++		r = realpath (new, resolved_path);
++#endif
++		if (r == NULL) {
++#ifndef PATH_MAX
++			free (r);
++#endif
+ 			perror ("realpath in lrename()");
+ 		} else {
+-			new = resolved_path;
++			new = r;
+ 		}
++#ifndef PATH_MAX
++	free (r);
++#endif
+ 	}
+ #endif
+ 	res = rename (old, new);
--- shadow-4.0.18.1.orig/debian/patches/506_relaxed_usernames
+++ shadow-4.0.18.1/debian/patches/506_relaxed_usernames
@@ -0,0 +1,75 @@
+Goal: Relaxed usernames/groupnames checking patch.
+
+Status wrt upstream: Debian specific. Not to be used upstream
+
+Details:
+ Allows any non-empty user/grounames that don't contain ':' and '\n'
+ characters and don't start with '-'. This patch is more restrictive
+ than original Karl's version. closes: #264879
+ Also closes: #377844
+ 
+ Comments from Karl Ramm (shadow 1:4.0.3-9, 20 Aug 2003 02:06:50 -0400):
+ 
+ I can't come up with a good justification as to why characters other
+ than ':'s and '\0's should be disallowed in group and usernames (other
+ than '-' as the leading character).  Thus, the maintenance tools don't
+ anymore.  closes: #79682, #166798, #171179
+
+Index: shadow-4.0.18.1/libmisc/chkname.c
+===================================================================
+--- shadow-4.0.18.1.orig/libmisc/chkname.c	2005-08-31 19:24:57.000000000 +0200
++++ shadow-4.0.18.1/libmisc/chkname.c	2006-09-17 12:17:59.836052044 +0200
+@@ -17,6 +17,7 @@
+ #endif
+ static int good_name (const char *name)
+ {
++#if 0
+ 	/*
+ 	 * User/group names must match [a-z_][a-z0-9_-]*[$]
+ 	 */
+@@ -30,6 +31,16 @@
+ 		      (*name == '$' && *(name + 1) == '\0')))
+ 			return 0;
+ 	}
++#endif
++	/*
++	 * Allow more relaxed user/group names in Debian -- ^[^-:\n][^:\n]*$
++	 */
++	if (!*name || *name == '-')
++		return 0;
++	do
++		if (*name == ':' || *name == '\n')
++			return 0;
++	while (*++name);
+ 
+ 	return 1;
+ }
+Index: shadow-4.0.18.1/man/useradd.8.xml
+===================================================================
+--- shadow-4.0.18.1.orig/man/useradd.8.xml	2006-07-24 07:48:36.000000000 +0200
++++ shadow-4.0.18.1/man/useradd.8.xml	2006-09-17 12:17:59.836052044 +0200
+@@ -172,6 +172,7 @@
+ 	    valid in conjunction with the <option>-m</option> option. The
+ 	    default is to not create the directory and to not copy any
+ 	    files.
++	    This option may not function correctly if the username has a / in it.
+ 	  </para>
+ 	</listitem>
+       </varlistentry>
+@@ -353,9 +354,13 @@
+     </para>
+ 
+     <para>
+-      Usernames must begin with a lower case letter or an underscore, and
+-      only lower case letters, underscores, dashes, and dollar signs may
+-      follow. In regular expression terms: [a-z_][a-z0-9_-]*[$]
++      It is usually recommended to only use usernames that begin with
++      a lower case letter or an underscore, and are only followed by lower
++      case letters, digits, underscores, dashes, and optionally terminated by
++      a dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?
++      On Debian, the only constraints are that usernames must neither start with a
++      dash ('-') nor contain a colon (':')
++      or an end of line ('\n').
+     </para>
+   </refsect1>
+ 
--- shadow-4.0.18.1.orig/debian/patches/409_man_generate_from_PO
+++ shadow-4.0.18.1/debian/patches/409_man_generate_from_PO
@@ -0,0 +1,239 @@
+Goal: Build the translated man pages at build time.
+
+Note: Translators must list the manpages which are translated in the
+man_MANS (and man_nopam) variables.
+
+Status wrt upstream: not reported yet.
+
+Index: shadow-4.0.18.1/man/Makefile.am
+===================================================================
+--- shadow-4.0.18.1.orig/man/Makefile.am	2007-05-17 13:50:42.000000000 +0200
++++ shadow-4.0.18.1/man/Makefile.am	2007-05-17 13:50:43.000000000 +0200
+@@ -114,141 +114,20 @@
+ 
+ if ENABLE_REGENERATE_MAN
+ 
+-chage.1: chage.1.xml
++%: %.xml
+ 	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+ 
+-chfn.1: chfn.1.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-chgpasswd.8: chgpasswd.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-chpasswd.8: chpasswd.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-chsh.1: chsh.1.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-expiry.1: expiry.1.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-faillog.5: faillog.5.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-faillog.8: faillog.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-gpasswd.1: gpasswd.1.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-groupadd.8: groupadd.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-groupdel.8: groupdel.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-groupmems.8: groupmems.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-groupmod.8: groupmod.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-groups.1: groups.1.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-grpck.8: grpck.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-gshadow.5: gshadow.5.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-id.1: id.1.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-lastlog.8: lastlog.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-limits.5: limits.5.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
++grpconv.8 grpunconv.8 pwunconv.8: pwconv.8
+ 
+-login.1: login.1.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
++getspnam.3: shadow.3
+ 
+-login.access.5: login.access.5.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
++vigr.8: vipw.8
+ 
+-login.defs.5: login.defs.5.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-logoutd.8: logoutd.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-newgrp.1: newgrp.1.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-newusers.8: newusers.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-nologin.8: nologin.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-passwd.1: passwd.1.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-passwd.5: passwd.5.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-porttime.5: porttime.5.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-pwck.8: pwck.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-grpconv.8 grpunconv.8 pwconv.8 pwunconv.8: pwconv.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-shadow.3 getspnam.3: shadow.3.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-shadow.5: shadow.5.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-sg.1: sg.1.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-su.1: su.1.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-sulogin.8: sulogin.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-suauth.5: suauth.5.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-useradd.8: useradd.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-userdel.8: userdel.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-usermod.8: usermod.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-vigr.8 vipw.8: vipw.8.xml
+-	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
+-
+-CLEANFILES = $(man_MANS) $(ALL_TRANSLATED_XMLS)
++CLEANFILES = $(man_MANS)
+ 
+ POFILES = $(foreach lang, $(LINGUAS), $(lang)/$(lang).po)
+-ALL_TRANSLATED_XMLS = $(foreach dir, $(LINGUAS), $(foreach xmlfile, $(man_XMANS), $(dir)/$(xmlfile)))
+-
+-all: $(POFILES) $(ALL_TRANSLATED_XMLS)
+-
+-gen-xmls: $(ALL_TRANSLATED_XMLS)
+ 
+-$(ALL_TRANSLATED_XMLS): $(man_XMANS)
+-	xml2po -l $(strip $(subst /,, $(dir $@))) -p $(strip $(subst /,, $(dir $@)))/$(strip $(subst /,, $(dir $@))).po -o $@ $(notdir $@)
+-	sed -i 's:\(^<refentry .*\)>:\1 lang="$(strip $(subst /,, $(dir $@)))">:' $@
++all: $(POFILES)
+ 
+ $(POFILES): shadow-man-pages.pot
+ 
+Index: shadow-4.0.18.1/man/de/Makefile.am
+===================================================================
+--- shadow-4.0.18.1.orig/man/de/Makefile.am	2006-08-03 12:00:56.000000000 +0200
++++ shadow-4.0.18.1/man/de/Makefile.am	2007-05-17 13:50:43.000000000 +0200
+@@ -13,3 +13,6 @@
+ 	vipw.8
+ 
+ EXTRA_DIST = $(man_MANS)
++
++include ../generate_translations.mak
++
+Index: shadow-4.0.18.1/man/fr/Makefile.am
+===================================================================
+--- shadow-4.0.18.1.orig/man/fr/Makefile.am	2006-08-03 12:25:46.000000000 +0200
++++ shadow-4.0.18.1/man/fr/Makefile.am	2007-05-17 15:43:17.000000000 +0200
+@@ -53,3 +53,6 @@
+ EXTRA_DIST = \
+ 	$(man_MANS) \
+ 	$(man_nopam)
++
++include ../generate_translations.mak
++
+Index: shadow-4.0.18.1/man/generate_translations.mak
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ shadow-4.0.18.1/man/generate_translations.mak	2007-05-17 15:44:34.000000000 +0200
+@@ -0,0 +1,20 @@
++if ENABLE_REGENERATE_MAN
++
++LANG=$(notdir $(CURDIR))
++
++%.xml: ../%.xml $(LANG).po
++	xml2po -l $(LANG) -p $(LANG).po -o $@ ../$@
++	sed -i 's:\(^<refentry .*\)>:\1 lang="$(LANG)">:' $@
++
++%: %.xml
++	$(XSLTPROC) -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $<
++
++grpconv.8 grpunconv.8 pwunconv.8: pwconv.8
++
++getspnam.3: shadow.3
++
++vigr.8: vipw.8
++
++CLEANFILES = .xml2po.mo $(man_MANS) $(addsuffix .xml,$(man_MANS))
++
++endif
+Index: shadow-4.0.18.1/man/pl/Makefile.am
+===================================================================
+--- shadow-4.0.18.1.orig/man/pl/Makefile.am	2006-08-03 12:08:58.000000000 +0200
++++ shadow-4.0.18.1/man/pl/Makefile.am	2007-05-17 13:50:43.000000000 +0200
+@@ -53,3 +53,6 @@
+ 	id.1 \
+ 	shadow.3 \
+ 	sulogin.8
++
++include ../generate_translations.mak
++
+Index: shadow-4.0.18.1/man/ru/Makefile.am
+===================================================================
+--- shadow-4.0.18.1.orig/man/ru/Makefile.am	2006-08-03 12:09:45.000000000 +0200
++++ shadow-4.0.18.1/man/ru/Makefile.am	2007-05-17 13:50:43.000000000 +0200
+@@ -58,3 +58,6 @@
+ 	$(man_nopam) \
+ 	id.1 \
+ 	sulogin.8
++
++include ../generate_translations.mak
++
+Index: shadow-4.0.18.1/man/sv/Makefile.am
+===================================================================
+--- shadow-4.0.18.1.orig/man/sv/Makefile.am	2007-05-17 13:50:41.000000000 +0200
++++ shadow-4.0.18.1/man/sv/Makefile.am	2007-05-17 13:50:43.000000000 +0200
+@@ -55,3 +55,6 @@
+ EXTRA_DIST = \
+ 	$(man_MANS) \
+ 	$(man_nopam)
++
++include ../generate_translations.mak
++
--- shadow-4.0.18.1.orig/debian/patches/504_undef_USE_PAM.nolibpam
+++ shadow-4.0.18.1/debian/patches/504_undef_USE_PAM.nolibpam
@@ -0,0 +1,50 @@
+Index: shadow-4.0.18.1/src/Makefile.am
+===================================================================
+--- shadow-4.0.18.1.orig/src/Makefile.am	2006-09-17 12:17:57.524033662 +0200
++++ shadow-4.0.18.1/src/Makefile.am	2006-09-17 12:17:59.228047210 +0200
+@@ -54,17 +54,17 @@
+ 		 $(top_builddir)/lib/libshadow.la
+ AM_CPPFLAGS    = -DLOCALEDIR=\"$(datadir)/locale\"
+ 
+-chage_LDADD    = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX)
++chage_LDADD    = $(LDADD) $(LIBAUDIT) $(LIBSELINUX)
+ chfn_LDADD     = $(LDADD) $(LIBPAM) $(LIBSELINUX)
+-chgpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX)
++chgpasswd_LDADD = $(LDADD) $(LIBSELINUX)
+ chsh_LDADD     = $(LDADD) $(LIBPAM) $(LIBSELINUX)
+-chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX)
++chpasswd_LDADD = $(LDADD) $(LIBSELINUX)
+ cppw_LDADD     = $(LDADD) $(LIBSELINUX)
+ gpasswd_LDADD  = $(LDADD) $(LIBAUDIT) $(LIBSELINUX)
+-groupadd_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX)
+-groupdel_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX)
++groupadd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX)
++groupdel_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX)
+ groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX)
+-groupmod_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX)
++groupmod_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX)
+ grpck_LDADD    = $(LDADD) $(LIBSELINUX)
+ grpconv_LDADD  = $(LDADD) $(LIBSELINUX)
+ grpunconv_LDADD = $(LDADD) $(LIBSELINUX)
+@@ -73,7 +73,7 @@
+ 	login_nopam.c
+ login_LDADD    = $(LDADD) $(LIBPAM) $(LIBAUDIT)
+ newgrp_LDADD   = $(LDADD) $(LIBPAM) $(LIBAUDIT)
+-newusers_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX)
++newusers_LDADD = $(LDADD) $(LIBSELINUX)
+ nologin_LDADD  =
+ passwd_LDADD   = $(LDADD) $(LIBPAM) $(LIBCRACK) $(LIBAUDIT) $(LIBSELINUX)
+ pwck_LDADD     = $(LDADD) $(LIBSELINUX)
+@@ -83,9 +83,9 @@
+ 	su.c \
+ 	suauth.c
+ su_LDADD       = $(LDADD) $(LIBPAM)
+-useradd_LDADD  = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX)
+-userdel_LDADD  = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX)
+-usermod_LDADD  = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX)
++useradd_LDADD  = $(LDADD) $(LIBAUDIT) $(LIBSELINUX)
++userdel_LDADD  = $(LDADD) $(LIBAUDIT) $(LIBSELINUX)
++usermod_LDADD  = $(LDADD) $(LIBAUDIT) $(LIBSELINUX)
+ vipw_LDADD     = $(LDADD) $(LIBSELINUX)
+ 
+ install-am: all-am
--- shadow-4.0.18.1.orig/debian/patches/508_nologin_in_usr_sbin
+++ shadow-4.0.18.1/debian/patches/508_nologin_in_usr_sbin
@@ -0,0 +1,20 @@
+Index: shadow-4.0.18.1/src/Makefile.am
+===================================================================
+--- shadow-4.0.18.1.orig/src/Makefile.am	2006-09-17 12:17:59.228047210 +0200
++++ shadow-4.0.18.1/src/Makefile.am	2006-09-17 12:18:13.284158968 +0200
+@@ -21,7 +21,6 @@
+ # $prefix/bin and $prefix/sbin, no install-data hacks...)
+ 
+ bin_PROGRAMS   = groups login su
+-sbin_PROGRAMS  = nologin
+ ubin_PROGRAMS  = faillog lastlog chage chfn chsh expiry gpasswd newgrp passwd
+ usbin_PROGRAMS = \
+ 	cppw \
+@@ -36,6 +35,7 @@
+ 	grpunconv \
+ 	logoutd \
+ 	newusers \
++	nologin \
+ 	pwck \
+ 	pwconv \
+ 	pwunconv \
--- shadow-4.0.18.1.orig/debian/patches/504_undef_USE_PAM.dpatch
+++ shadow-4.0.18.1/debian/patches/504_undef_USE_PAM.dpatch
@@ -0,0 +1,175 @@
+Goal: Do not use PAM for chage, chpasswd, groupadd, groupdel, groupmod
+      newusers, useradd, userdel, usermod, chgpasswd (keep them low-level)
+Fixes: #283961, #162181, #162199, #162228, #369806.
+
+Index: shadow-4.0.18.1/src/chage.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/chage.c	2006-07-19 18:38:57.000000000 +0200
++++ shadow-4.0.18.1/src/chage.c	2006-09-17 12:17:58.228039259 +0200
+@@ -28,6 +28,7 @@
+  */
+ 
+ #include <config.h>
++#undef USE_PAM
+ 
+ #ident "$Id: chage.c,v 1.73 2006/07/11 13:15:41 kloczek Exp $"
+ 
+Index: shadow-4.0.18.1/src/chpasswd.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/chpasswd.c	2006-06-24 12:18:55.000000000 +0200
++++ shadow-4.0.18.1/src/chpasswd.c	2006-09-17 12:17:58.228039259 +0200
+@@ -28,6 +28,7 @@
+  */
+ 
+ #include <config.h>
++#undef USE_PAM
+ 
+ #ident "$Id: chpasswd.c,v 1.37 2006/06/24 10:18:55 kloczek Exp $"
+ 
+Index: shadow-4.0.18.1/src/groupadd.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/groupadd.c	2006-07-28 19:38:52.000000000 +0200
++++ shadow-4.0.18.1/src/groupadd.c	2006-09-17 12:17:58.232039291 +0200
+@@ -28,6 +28,7 @@
+  */
+ 
+ #include <config.h>
++#undef USE_PAM
+ 
+ #ident "$Id: groupadd.c,v 1.55 2006/07/28 17:38:52 kloczek Exp $"
+ 
+Index: shadow-4.0.18.1/src/groupdel.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/groupdel.c	2006-01-18 20:55:15.000000000 +0100
++++ shadow-4.0.18.1/src/groupdel.c	2006-09-17 12:17:58.244039386 +0200
+@@ -28,6 +28,7 @@
+  */
+ 
+ #include <config.h>
++#undef USE_PAM
+ 
+ #ident "$Id: groupdel.c,v 1.31 2006/01/18 19:55:15 kloczek Exp $"
+ 
+Index: shadow-4.0.18.1/src/groupmod.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/groupmod.c	2006-07-28 19:38:52.000000000 +0200
++++ shadow-4.0.18.1/src/groupmod.c	2006-09-17 12:17:58.248039418 +0200
+@@ -28,6 +28,7 @@
+  */
+ 
+ #include <config.h>
++#undef USE_PAM
+ 
+ #ident "$Id: groupmod.c,v 1.41 2006/07/28 17:38:52 kloczek Exp $"
+ 
+Index: shadow-4.0.18.1/src/newusers.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/newusers.c	2006-03-07 16:50:33.000000000 +0100
++++ shadow-4.0.18.1/src/newusers.c	2006-09-17 12:17:58.248039418 +0200
+@@ -34,6 +34,7 @@
+  */
+ 
+ #include <config.h>
++#undef USE_PAM
+ 
+ #ident "$Id: newusers.c,v 1.33 2006/03/07 15:47:32 kloczek Exp $"
+ 
+Index: shadow-4.0.18.1/src/useradd.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/useradd.c	2006-07-28 19:42:48.000000000 +0200
++++ shadow-4.0.18.1/src/useradd.c	2006-09-17 12:17:58.252039450 +0200
+@@ -28,6 +28,7 @@
+  */
+ 
+ #include <config.h>
++#undef USE_PAM
+ 
+ #ident "$Id: useradd.c,v 1.100 2006/07/28 17:42:48 kloczek Exp $"
+ 
+Index: shadow-4.0.18.1/src/userdel.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/userdel.c	2006-07-10 06:11:32.000000000 +0200
++++ shadow-4.0.18.1/src/userdel.c	2006-09-17 12:17:58.256039482 +0200
+@@ -28,6 +28,7 @@
+  */
+ 
+ #include <config.h>
++#undef USE_PAM
+ 
+ #ident "$Id: userdel.c,v 1.66 2006/07/10 04:11:32 kloczek Exp $"
+ 
+Index: shadow-4.0.18.1/src/usermod.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/usermod.c	2006-07-28 19:42:48.000000000 +0200
++++ shadow-4.0.18.1/src/usermod.c	2006-09-17 12:17:58.256039482 +0200
+@@ -28,6 +28,7 @@
+  */
+ 
+ #include <config.h>
++#undef USE_PAM
+ 
+ #ident "$Id: usermod.c,v 1.71 2006/07/28 17:42:48 kloczek Exp $"
+ 
+Index: shadow-4.0.18.1/src/chgpasswd.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/chgpasswd.c	2006-06-20 22:00:04.000000000 +0200
++++ shadow-4.0.18.1/src/chgpasswd.c	2006-09-17 12:17:58.260039514 +0200
+@@ -28,6 +28,7 @@
+  */
+ 
+ #include <config.h>
++#undef USE_PAM
+ 
+ #ident "$Id: chgpasswd.c,v 1.5 2006/06/20 20:00:04 kloczek Exp $"
+ 
+Index: shadow-4.0.18.1/lib/getdef.c
+===================================================================
+--- shadow-4.0.18.1.orig/lib/getdef.c	2006-09-17 12:17:55.628018587 +0200
++++ shadow-4.0.18.1/lib/getdef.c	2006-09-17 12:17:58.260039514 +0200
+@@ -82,6 +82,9 @@
+ 	{"UMASK", NULL},
+ 	{"USERDEL_CMD", NULL},
+ 	{"USERGROUPS_ENAB", NULL},
++	/* some utilities are not compiled with PAM, and need
++	 * MD5_CRYPT_ENAB variable to know wether the passwords use MD5 */
++	{"MD5_CRYPT_ENAB", NULL},
+ #ifndef USE_PAM
+ 	{"CHFN_AUTH", NULL},
+ 	{"CHSH_AUTH", NULL},
+@@ -93,7 +96,6 @@
+ 	{"LASTLOG_ENAB", NULL},
+ 	{"LOGIN_STRING", NULL},
+ 	{"MAIL_CHECK_ENAB", NULL},
+-	{"MD5_CRYPT_ENAB", NULL},
+ 	{"MOTD_FILE", NULL},
+ 	{"NOLOGINS_FILE", NULL},
+ 	{"OBSCURE_CHECKS_ENAB", NULL},
+Index: shadow-4.0.18.1/lib/prototypes.h
+===================================================================
+--- shadow-4.0.18.1.orig/lib/prototypes.h	2006-02-07 17:36:30.000000000 +0100
++++ shadow-4.0.18.1/lib/prototypes.h	2006-09-17 12:17:58.260039514 +0200
+@@ -130,8 +130,12 @@
+ /* rlogin.c */
+ extern int do_rlogin (const char *, char *, int, char *, int);
+ 
++#ifndef USE_PAM
++/* As we are messing up with USE_PAM in libmisc/salt.c, make sure
++ * crypt_make_salt is never used with utilities compiled with PAM */
+ /* salt.c */
+ extern char *crypt_make_salt (void);
++#endif
+ 
+ /* setugid.c */
+ extern int setup_groups (const struct passwd *);
+Index: shadow-4.0.18.1/libmisc/salt.c
+===================================================================
+--- shadow-4.0.18.1.orig/libmisc/salt.c	2005-08-31 19:24:58.000000000 +0200
++++ shadow-4.0.18.1/libmisc/salt.c	2006-09-17 12:17:58.260039514 +0200
+@@ -6,6 +6,7 @@
+  */
+ 
+ #include <config.h>
++#undef USE_PAM
+ 
+ #ident "$Id: salt.c,v 1.10 2005/08/31 17:24:58 kloczek Exp $"
+ 
--- shadow-4.0.18.1.orig/debian/patches/523_su_arguments_are_concatenated
+++ shadow-4.0.18.1/debian/patches/523_su_arguments_are_concatenated
@@ -0,0 +1,50 @@
+Goal: Concatenate the non-su arguments and provide them to the shell with
+      the -c option
+Fixes: #317264
+       see also #276419
+
+Status wrt upstream: This is a Debian specific patch.
+
+Note: the fix of the man page is still missing.
+      (to be taken from the trunk)
+
+Index: shadow-4.0.18.1/src/su.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/su.c	2006-09-17 12:17:56.308023993 +0200
++++ shadow-4.0.18.1/src/su.c	2006-09-17 12:18:07.008109068 +0200
+@@ -879,6 +879,35 @@
+ 			argv[0] = "-c";
+ 			argv[1] = command;
+ 		}
++		/* On Debian, the arguments are concatenated and the
++		 * resulted string is always given to the shell with its
++		 * -c option.
++		 */
++		{
++			char **parg;
++			unsigned int cmd_len = 0;
++			char *cmd = NULL;
++			if (strcmp(argv[0], "-c") != 0) {
++				argv--;
++				argv[0] = "-c";
++			}
++			/* Now argv[0] is always -c, and other arguments
++			 * can be concatenated
++			 */
++			cmd_len = 1; /* finale '\0' */
++			for (parg = &argv[1]; *parg; parg++) {
++				cmd_len += strlen (*parg) + 1;
++			}
++			cmd = (char *) xmalloc (sizeof (char) * cmd_len);
++			cmd[0] = '\0';
++			for (parg = &argv[1]; *parg; parg++) {
++				strcat (cmd, " ");
++				strcat (cmd, *parg);
++			}
++			cmd[cmd_len - 1] = '\0';
++			argv[1] = &cmd[1]; /* do not take first space */
++			argv[2] = NULL;
++		}
+ 		/*
+ 		 * Use the shell and create an argv
+ 		 * with the rest of the command line included.
--- shadow-4.0.18.1.orig/debian/patches/438_su_GNU_origin
+++ shadow-4.0.18.1/debian/patches/438_su_GNU_origin
@@ -0,0 +1,35 @@
+Goal: Be up front on the origin of our su.
+Fixes: #244297
+
+Status wrt upstream: It must be forwarded upstream.
+                     Upstream also uses some bits from the GNU shellutils.
+
+Index: shadow-4.0.18.1/src/su.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/su.c	2006-09-17 12:17:53.099998487 +0200
++++ shadow-4.0.18.1/src/su.c	2006-09-17 12:17:56.308023993 +0200
+@@ -26,6 +26,24 @@
+  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+  * SUCH DAMAGE.
+  */
++/* Some parts substantially derived from an ancestor of: */
++/* su for GNU.  Run a shell with substitute user and group IDs.
++   Copyright (C) 1992-2003 Free Software Foundation, Inc.
++
++   This program is free software; you can redistribute it and/or modify
++   it under the terms of the GNU General Public License as published by
++   the Free Software Foundation; either version 2, or (at your option)
++   any later version.
++
++   This program is distributed in the hope that it will be useful,
++   but WITHOUT ANY WARRANTY; without even the implied warranty of
++   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++   GNU General Public License for more details.
++
++   You should have received a copy of the GNU General Public License
++   along with this program; if not, write to the Free Software Foundation,
++   Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.  */
++
+ 
+ #include <config.h>
+ 
--- shadow-4.0.18.1.orig/debian/patches/407_adduser_disable_PUG_with-n
+++ shadow-4.0.18.1/debian/patches/407_adduser_disable_PUG_with-n
@@ -0,0 +1,78 @@
+Goal: Document the creation of primary user groups.
+      Add the -n option to disable this behavior.
+
+Fixes: #416835
+
+Status wrt upstream: not reported yet.
+
+Notes:
+  * The nflg variable already existed, but was never set.
+
+  * This could also be done by just specifying that the -g's argument is
+    optional. As -n is already implemented in RedHat, it may be better
+    for compatibility to keep it.
+
+  * The debian/useradd.default file had to be updated to reflect these
+    changes.
+
+Index: shadow-4.0.18.1/man/useradd.8.xml
+===================================================================
+--- shadow-4.0.18.1.orig/man/useradd.8.xml	2007-04-15 16:16:36.000000000 +0200
++++ shadow-4.0.18.1/man/useradd.8.xml	2007-04-15 16:49:17.000000000 +0200
+@@ -134,8 +134,7 @@
+ 	  <para>
+ 	    The group name or number of the user's initial login group. The
+ 	    group name must exist. A group number must refer to an already
+-	    existing group. The default group number is 1 or whatever is
+-	    specified in <filename>/etc/default/useradd</filename>.
++	    existing group.
+ 	  </para>
+ 	</listitem>
+       </varlistentry>
+@@ -184,6 +183,23 @@
+       </varlistentry>
+       <varlistentry>
+ 	<term>
++	  <option>-n</option>
++	</term>
++	<listitem>
++	  <para>
++	    A group having the same name as the user being added to the
++	    system will be created by default (when <option>-g</option> is
++	    not specified). This option will turn off this behavior. When
++	    this option is used, users by default will be placed in
++	    whatever group is specified in the
++	    <replaceable>GROUP</replaceable> variable of
++	    <filename>/etc/default/useradd</filename>. If no default group
++	    is defined, group 100 (users) will be used.
++	  </para>
++	</listitem>
++      </varlistentry>
++      <varlistentry>
++	<term>
+ 	  <option>-K</option>, <option>--key</option>
+ 	  <replaceable>KEY</replaceable>=<replaceable>VALUE</replaceable>
+ 	</term>
+Index: shadow-4.0.18.1/src/useradd.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/useradd.c	2007-04-15 16:15:22.000000000 +0200
++++ shadow-4.0.18.1/src/useradd.c	2007-04-15 16:16:11.000000000 +0200
+@@ -1036,7 +1036,7 @@
+ 			{NULL, 0, NULL, '\0'}
+ 		};
+ 		while ((c =
+-			getopt_long (argc, argv, "b:c:d:De:f:g:G:k:O:K:mMop:rs:u:",
++			getopt_long (argc, argv, "b:c:d:De:f:g:G:k:O:K:mMnop:rs:u:",
+ 				     long_options, NULL)) != -1) {
+ 			switch (c) {
+ 			case 'b':
+@@ -1177,6 +1177,9 @@
+ 			case 'm':
+ 				mflg++;
+ 				break;
++			case 'n':
++				nflg++;
++				break;
+ 			case 'o':
+ 				oflg++;
+ 				break;
--- shadow-4.0.18.1.orig/debian/patches/404_man-fr
+++ shadow-4.0.18.1/debian/patches/404_man-fr
@@ -0,0 +1,19 @@
+Goal: Fix an error in the passwd.1 French translation
+
+Fixes: #395537
+
+Status wrt upstream: Should be forwarded
+
+Index: shadow-4.0.18.1/man/fr/fr.po
+===================================================================
+--- shadow-4.0.18.1.orig/man/fr/fr.po	2006-10-28 07:23:12.651916379 +0200
++++ shadow-4.0.18.1/man/fr/fr.po	2006-10-28 07:23:41.768138592 +0200
+@@ -3333,7 +3333,7 @@
+ #: passwd.1.xml:377(para)
+ msgid "<filename>passwd</filename> file busy, try again"
+ msgstr ""
+-"fichier <filename>passwdw/filename> en cours d'utilisation, veuillez "
++"fichier <filename>passwd</filename> en cours d'utilisation, veuillez "
+ "réessayer plus tard"
+ 
+ #: passwd.1.xml:341(para)
--- shadow-4.0.18.1.orig/debian/patches/008_su_get_PAM_username
+++ shadow-4.0.18.1/debian/patches/008_su_get_PAM_username
@@ -0,0 +1,34 @@
+Goal: ???
+
+Notes:
+ * It still needs more investigation.
+   I don't know what this patch is used for. IMO, the user name is
+   already known before calling pam_get_item(pamh, PAM_USER, ...)
+
+Index: shadow-4.0.18.1/src/su.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/su.c	2006-09-17 12:17:52.483993589 +0200
++++ shadow-4.0.18.1/src/su.c	2006-09-17 12:17:53.099998487 +0200
+@@ -287,6 +287,7 @@
+ 	struct passwd *pw = 0;
+ 	char **envp = environ;
+ 	char *shellstr = 0, *command = 0;
++	char *tmp_name;
+ 
+ #ifdef USE_PAM
+ 	char **envcp;
+@@ -652,6 +653,14 @@
+ 			su_failure (tty);
+ 		}
+ 	}
++	ret = pam_get_item(pamh, PAM_USER, (const void **) &tmp_name);
++	if (ret != PAM_SUCCESS) {
++		SYSLOG((LOG_ERR, "pam_get_item: internal PAM error\n"));
++		fprintf(stderr, "%s: Internal PAM error retrieving username\n", Prog);
++		pam_end(pamh, ret);
++		su_failure(tty);
++	}
++	strncpy(name, tmp_name, sizeof(name) - 1);
+ #else				/* !USE_PAM */
+ 	/*
+ 	 * Set up a signal handler in case the user types QUIT.
--- shadow-4.0.18.1.orig/debian/patches/451_login_PATH
+++ shadow-4.0.18.1/debian/patches/451_login_PATH
@@ -0,0 +1,36 @@
+Goal: set PATH according to ENV_SUPATH and ENV_PATH (for login), as for
+      su.
+Fixes: #330803
+
+Status wrt upstream:
+
+Index: shadow-4.0.18.1/libmisc/setupenv.c
+===================================================================
+--- shadow-4.0.18.1.orig/libmisc/setupenv.c	2006-05-13 01:13:10.000000000 +0200
++++ shadow-4.0.18.1/libmisc/setupenv.c	2006-09-17 12:18:01.768067405 +0200
+@@ -186,8 +186,8 @@
+ {
+ #ifndef USE_PAM
+ 	char *envf;
+-	char *cp;
+ #endif
++	char *cp;
+ 
+ 	/*
+ 	 * Change the current working directory to be the home directory
+@@ -242,7 +242,6 @@
+ 	addenv ("USER", info->pw_name);
+ 	addenv ("LOGNAME", info->pw_name);
+ 
+-#ifndef USE_PAM
+ 	/*
+ 	 * Create the PATH environmental variable and export it.
+ 	 */
+@@ -259,6 +258,7 @@
+ 		/* only value specified without "PATH=" */
+ 		addenv ("PATH", cp);
+ 	}
++#ifndef USE_PAM
+ 
+ 	/*
+ 	 * Create the MAIL environmental variable and export it.  login.defs
--- shadow-4.0.18.1.orig/debian/patches/462_warn_to_edit_shadow
+++ shadow-4.0.18.1/debian/patches/462_warn_to_edit_shadow
@@ -0,0 +1,68 @@
+Goal: Warn about possible need to edit shadow files when editing the 
+      master files with vipw
+
+Fixes: #62821
+
+Status wrt upstream: Forwarded but not applied yet
+
+Index: shadow-4.0.18.1/src/vipw.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/vipw.c	2006-06-20 22:00:04.000000000 +0200
++++ shadow-4.0.18.1/src/vipw.c	2006-09-17 12:18:03.644082321 +0200
+@@ -41,6 +41,12 @@
+ #include "pwio.h"
+ #include "sgroupio.h"
+ #include "shadowio.h"
++
++#define MSG_WARN_EDIT_OTHER_FILE _( \
++	"You have modified %s.\n"\
++	"You may need to modify %s for consistency.\n"\
++	"Please use the command `%s' to do so.\n")
++
+ /*
+  * Global variables
+  */
+@@ -285,17 +291,39 @@
+ 	}
+ 
+ 	if (do_vipw) {
+-		if (editshadow)
++		if (editshadow) {
+ 			vipwedit (SHADOW_FILE, spw_lock, spw_unlock);
+-		else
++			printf (MSG_WARN_EDIT_OTHER_FILE,
++			        SHADOW_FILE,
++			        PASSWD_FILE,
++			        "vipw");
++		} else {
+ 			vipwedit (PASSWD_FILE, pw_lock, pw_unlock);
++			if (spw_file_present ())
++				printf (MSG_WARN_EDIT_OTHER_FILE,
++				        PASSWD_FILE,
++				        SHADOW_FILE,
++				        "vipw -s");
++		}
+ 	} else {
+ #ifdef SHADOWGRP
+-		if (editshadow)
++		if (editshadow) {
+ 			vipwedit (SGROUP_FILE, sgr_lock, sgr_unlock);
+-		else
++			printf (MSG_WARN_EDIT_OTHER_FILE,
++			        SGROUP_FILE,
++			        GROUP_FILE,
++			        "vigr");
++		} else {
+ #endif
+ 			vipwedit (GROUP_FILE, gr_lock, gr_unlock);
++#ifdef SHADOWGRP
++			if (sgr_file_present ())
++				printf (MSG_WARN_EDIT_OTHER_FILE,
++				        GROUP_FILE,
++				        SGROUP_FILE,
++				        "vigr -s");
++#endif
++		}
+ 	}
+ 
+ 	nscd_flush_cache ("passwd");
--- shadow-4.0.18.1.orig/debian/patches/402-clarify_usermod_usage
+++ shadow-4.0.18.1/debian/patches/402-clarify_usermod_usage
@@ -0,0 +1,31 @@
+Goal: Clarify the online help of usermod
+
+Fix: #363033
+
+Author: Christian Perrier <bubulle@debian.org>
+
+Status wrt upstream: forwarded but not applied yet
+
+Index: shadow-4.0.18.1/src/usermod.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/usermod.c	2006-09-17 12:17:58.256039482 +0200
++++ shadow-4.0.18.1/src/usermod.c	2006-09-17 12:18:11.400143989 +0200
+@@ -279,8 +279,6 @@
+ 	fprintf (stderr, _("Usage: usermod [options] LOGIN\n"
+ 			   "\n"
+ 			   "Options:\n"
+-			   "  -a, --append			append the user to the supplemental GROUPS\n"
+-			   "				(use only with -G)\n"
+ 			   "  -c, --comment COMMENT		new value of the GECOS field\n"
+ 			   "  -d, --home HOME_DIR		new home directory for the user account\n"
+ 			   "  -e, --expiredate EXPIRE_DATE	set account expiration date to EXPIRE_DATE\n"
+@@ -288,6 +286,9 @@
+ 			   "				to INACTIVE\n"
+ 			   "  -g, --gid GROUP		force use GROUP as new primary group\n"
+ 			   "  -G, --groups GROUPS		new list of supplementary GROUPS\n"
++			   "  -a, --append		append the user to the supplemental GROUPS\n"
++			   "				mentioned by the -G option without removing\n"
++			   "				him/her from other groups\n"
+ 			   "  -h, --help			display this help message and exit\n"
+ 			   "  -l, --login NEW_LOGIN		new value of the login name\n"
+ 			   "  -L, --lock			lock the user account\n"
--- shadow-4.0.18.1.orig/debian/patches/493_pwck_no_SHADOWPWD
+++ shadow-4.0.18.1/debian/patches/493_pwck_no_SHADOWPWD
@@ -0,0 +1,26 @@
+Goal: SHADOWPWD is now assumed (no more defined).
+
+Fixes: pwck do not detect missing users in /etc/shadow.
+
+Status wrt upstream: Not proposed to upstream yet.
+
+Index: shadow-4.0.18.1/src/pwck.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/pwck.c	2006-10-21 13:33:12.000000000 +0200
++++ shadow-4.0.18.1/src/pwck.c	2006-10-21 13:36:29.000000000 +0200
+@@ -344,7 +344,6 @@
+ 				pwd->pw_name, pwd->pw_shell);
+ 			errors++;
+ 		}
+-#ifdef SHADOWPWD
+ 		/*
+ 		 * Make sure this entry exists in the /etc/gshadow file.
+ 		 */
+@@ -397,7 +396,6 @@
+ 				}
+ 			}
+ 		}
+-#endif
+ 	}
+ 
+ 	if (!is_shadow)
--- shadow-4.0.18.1.orig/debian/patches/505_useradd_recommend_adduser
+++ shadow-4.0.18.1/debian/patches/505_useradd_recommend_adduser
@@ -0,0 +1,40 @@
+Goal: Recommend using adduser and deluser.
+
+Fixes: #406046
+
+Status wrt upstream: Debian specific patch.
+
+Index: shadow-4.0.18.1/man/useradd.8.xml
+===================================================================
+--- shadow-4.0.18.1.orig/man/useradd.8.xml	2007-01-09 22:09:38.000000000 +0100
++++ shadow-4.0.18.1/man/useradd.8.xml	2007-01-09 22:13:47.000000000 +0100
+@@ -34,6 +34,12 @@
+   <refsect1 id='description'>
+     <title>DESCRIPTION</title>
+       <para>
++	<command>useradd</command> is a low level utility for adding
++	users.  On Debian, administrators should usually use
++	<citerefentry><refentrytitle>adduser</refentrytitle>
++	<manvolnum>8</manvolnum></citerefentry> instead.
++      </para>
++      <para>
+ 	When invoked without the <option>-D</option> option, the
+ 	 <command>useradd</command> command creates a new user account using
+ 	the values specified on the command line and the default values from
+Index: shadow-4.0.18.1/man/userdel.8.xml
+===================================================================
+--- shadow-4.0.18.1.orig/man/userdel.8.xml	2007-01-09 22:13:59.000000000 +0100
++++ shadow-4.0.18.1/man/userdel.8.xml	2007-01-09 22:22:04.000000000 +0100
+@@ -23,6 +23,12 @@
+   <refsect1 id='description'>
+     <title>DESCRIPTION</title>
+     <para>
++      <command>userdel</command> is a low level utility for adding
++      users.  On Debian, administrators should usually use
++      <citerefentry><refentrytitle>deluser</refentrytitle>
++      <manvolnum>8</manvolnum></citerefentry> instead.
++    </para>
++    <para>
+       The <command>userdel</command> command modifies the system account
+       files, deleting all entries that refer to <emphasis
+       remap='I'>login_name</emphasis>. The named user must exist.
--- shadow-4.0.18.1.orig/debian/patches/301_passwd-typo-383216
+++ shadow-4.0.18.1/debian/patches/301_passwd-typo-383216
@@ -0,0 +1,19 @@
+Goal: fix a typo in passwd.1
+
+Fixes: #383216
+
+Status wrt upstream: Fix in CVS. Patch added only for etch branch
+
+Index: shadow-4.0.18.1/man/passwd.1.xml
+===================================================================
+--- shadow-4.0.18.1.orig/man/passwd.1.xml	2006-09-17 12:25:23.823581651 +0200
++++ shadow-4.0.18.1/man/passwd.1.xml	2006-09-17 12:25:29.707628421 +0200
+@@ -201,7 +201,7 @@
+ 	</term>
+ 	<listitem>
+ 	  <para>
+-	    Indicate change password should be performed only for expired
++	    Indicate password change should be performed only for expired
+ 	    authentication tokens (passwords). The user wishes to keep their
+ 	    non-expired tokens as before.
+ 	  </para>
--- shadow-4.0.18.1.orig/debian/patches/008_login_log_failure_in_FTMP
+++ shadow-4.0.18.1/debian/patches/008_login_log_failure_in_FTMP
@@ -0,0 +1,51 @@
+Goal: Log login failures to the btmp file
+
+Notes:
+ * I'm not sure login should add an entry in the FTMP file when PAM is used.
+   (but nothing in /etc/login.defs indicates that the failure is not logged)
+
+Index: shadow-4.0.18.1/src/login.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/login.c	2006-09-17 12:17:54.336008314 +0200
++++ shadow-4.0.18.1/src/login.c	2006-09-17 12:17:54.972013371 +0200
+@@ -716,6 +716,20 @@
+ #endif				/* WITH_AUDIT */
+ 
+ 			  fprintf(stderr,"\nLogin incorrect\n");
++			  if (getdef_str("FTMP_FILE") != NULL) {
++#if HAVE_UTMPX_H
++			    failent = utxent;
++			    gettimeofday(&(failent.ut_tv), NULL);
++#else
++			    failent = utent;
++			    time(&failent.ut_time);
++#endif
++			    strncpy(failent.ut_user, failent_user, sizeof(failent.ut_user));
++#ifdef USER_PROCESS
++			    failent.ut_type = USER_PROCESS;
++#endif
++			    failtmp(&failent);
++			  }
+ 
+ 			  /* Let's give it another go around */
+ 			  pam_set_item(pamh,PAM_USER,NULL);
+Index: shadow-4.0.18.1/lib/getdef.c
+===================================================================
+--- shadow-4.0.18.1.orig/lib/getdef.c	2006-06-24 15:17:18.000000000 +0200
++++ shadow-4.0.18.1/lib/getdef.c	2006-09-17 12:17:54.992013530 +0200
+@@ -57,6 +57,7 @@
+ 	{"ERASECHAR", NULL},
+ 	{"FAIL_DELAY", NULL},
+ 	{"FAKE_SHELL", NULL},
++	{"FTMP_FILE", NULL},
+ 	{"GID_MAX", NULL},
+ 	{"GID_MIN", NULL},
+ 	{"HUSHLOGIN_FILE", NULL},
+@@ -88,7 +89,6 @@
+ 	{"ENVIRON_FILE", NULL},
+ 	{"ENV_TZ", NULL},
+ 	{"FAILLOG_ENAB", NULL},
+-	{"FTMP_FILE", NULL},
+ 	{"ISSUE_FILE", NULL},
+ 	{"LASTLOG_ENAB", NULL},
+ 	{"LOGIN_STRING", NULL},
--- shadow-4.0.18.1.orig/debian/patches/466_fflush-prompt
+++ shadow-4.0.18.1/debian/patches/466_fflush-prompt
@@ -0,0 +1,314 @@
+Goal: Fflush all prompts supposedly presented to a user, because we may
+      conversate with a script (over pipe) instead. See bug #333138.
+
+Status wrt upstream: may appear in 4.0.14
+      
+Index: shadow-4.0.18.1/libmisc/Makefile.am
+===================================================================
+--- shadow-4.0.18.1.orig/libmisc/Makefile.am	2005-09-05 18:21:37.000000000 +0200
++++ shadow-4.0.18.1/libmisc/Makefile.am	2006-09-17 12:18:05.616098001 +0200
+@@ -49,4 +49,5 @@
+ 	ulimit.c \
+ 	utmp.c \
+ 	valid.c \
+-	xmalloc.c
++	xmalloc.c \
++	yesno.c
+Index: shadow-4.0.18.1/libmisc/fields.c
+===================================================================
+--- shadow-4.0.18.1.orig/libmisc/fields.c	2005-08-31 19:24:57.000000000 +0200
++++ shadow-4.0.18.1/libmisc/fields.c	2006-09-17 12:18:05.620098032 +0200
+@@ -71,6 +71,7 @@
+ 		maxsize = sizeof (newf);
+ 
+ 	printf ("\t%s [%s]: ", prompt, buf);
++	fflush (stdout);
+ 	if (fgets (newf, maxsize, stdin) != newf)
+ 		return;
+ 
+Index: shadow-4.0.18.1/libmisc/yesno.c
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ shadow-4.0.18.1/libmisc/yesno.c	2006-09-17 12:18:05.620098032 +0200
+@@ -0,0 +1,41 @@
++/*
++ * Common code for yes/no prompting
++ *
++ * Used by pwck.c and grpck.c
++ */
++
++#include <config.h>	/* configuration parameters like e.g. ENABLE_NLS */
++
++#ident "$Id$"
++
++#include <stdio.h>	/* printf(), fflush() & fgets() */
++#include "defines.h"	/* _() macro */
++
++/*
++ * yes_or_no - get answer to question from the user
++ */
++int yes_or_no (int read_only)
++{
++	char buf[80];
++
++	/*
++	 * In read-only mode all questions are answered "no".
++	 */
++	if (read_only) {
++		printf (_("No\n"));
++		return 0;
++	}
++
++	/*
++	 * Typically, there's a prompt on stdout, sometimes unflushed.
++	 */
++	fflush (stdout);
++
++	/*
++	 * Get a line and see what the first character is.
++	 */
++	if (fgets (buf, sizeof buf, stdin))
++		return buf[0] == 'y' || buf[0] == 'Y';
++
++	return 0;
++}
+Index: shadow-4.0.18.1/src/grpck.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/grpck.c	2006-09-17 12:17:53.712003353 +0200
++++ shadow-4.0.18.1/src/grpck.c	2006-09-17 12:18:05.620098032 +0200
+@@ -50,6 +50,8 @@
+ extern struct commonio_entry *__sgr_get_head (void);
+ #endif
+ 
++extern int yes_or_no (int);
++
+ /*
+  * Exit codes
+  */
+@@ -74,7 +76,6 @@
+ 
+ /* local function prototypes */
+ static void usage (void);
+-static int yes_or_no (void);
+ static void delete_member (char **, const char *);
+ 
+ /*
+@@ -91,30 +92,6 @@
+ }
+ 
+ /*
+- * yes_or_no - get answer to question from the user
+- */
+-static int yes_or_no (void)
+-{
+-	char buf[80];
+-
+-	/*
+-	 * In read-only mode all questions are answered "no".
+-	 */
+-	if (read_only) {
+-		printf (_("No\n"));
+-		return 0;
+-	}
+-
+-	/*
+-	 * Get a line and see what the first character is.
+-	 */
+-	if (fgets (buf, sizeof buf, stdin))
+-		return buf[0] == 'y' || buf[0] == 'Y';
+-
+-	return 0;
+-}
+-
+-/*
+  * delete_member - delete an entry in a list of members
+  */
+ static void delete_member (char **list, const char *member)
+@@ -301,7 +278,7 @@
+ 			 * prompt the user to delete the entry or not
+ 			 */
+ 			if (!prune) {
+-			        if (!yes_or_no ())
++			        if (!yes_or_no (read_only))
+ 				        continue;
+ 			} else {
+ 			        puts (_("Yes"));
+@@ -361,7 +338,7 @@
+ 			/*
+ 			 * prompt the user to delete the entry or not
+ 			 */
+-			if (yes_or_no ())
++			if (yes_or_no (read_only))
+ 				goto delete_gr;
+ 		}
+ 
+@@ -397,7 +374,7 @@
+ 				grp->gr_name, grp->gr_mem[i]);
+ 			printf (_("delete member '%s'? "), grp->gr_mem[i]);
+ 
+-			if (!yes_or_no ())
++			if (!yes_or_no (read_only))
+ 				continue;
+ 
+ 			SYSLOG ((LOG_INFO, "delete member '%s' group '%s'",
+@@ -422,7 +399,7 @@
+ 				printf (_("add group '%s' in %s ?"),
+ 					grp->gr_name, sgr_file);
+ 				errors++;
+-				if (yes_or_no ()) {
++				if (yes_or_no (read_only)) {
+ 					struct sgrp sg;
+ 					struct group gr;
+ 					static char *empty = NULL;
+@@ -509,7 +486,7 @@
+ 			/*
+ 			 * prompt the user to delete the entry or not
+ 			 */
+-			if (!yes_or_no ())
++			if (!yes_or_no (read_only))
+ 				continue;
+ 
+ 			/*
+@@ -565,7 +542,7 @@
+ 			/*
+ 			 * prompt the user to delete the entry or not
+ 			 */
+-			if (yes_or_no ())
++			if (yes_or_no (read_only))
+ 				goto delete_sg;
+ 		}
+ 
+@@ -578,7 +555,7 @@
+ 				grp_file);
+ 			printf (_("delete line '%s'? "), sge->line);
+ 			errors++;
+-			if (yes_or_no ())
++			if (yes_or_no (read_only))
+ 				goto delete_sg;
+ 		} else {
+ 			/**
+@@ -619,7 +596,7 @@
+ 			printf (_("delete administrative member '%s'? "),
+ 				sgr->sg_adm[i]);
+ 
+-			if (!yes_or_no ())
++			if (!yes_or_no (read_only))
+ 				continue;
+ 
+ 			SYSLOG ((LOG_INFO,
+@@ -646,7 +623,7 @@
+ 				sgr->sg_name, sgr->sg_mem[i]);
+ 			printf (_("delete member '%s'? "), sgr->sg_mem[i]);
+ 
+-			if (!yes_or_no ())
++			if (!yes_or_no (read_only))
+ 				continue;
+ 
+ 			SYSLOG ((LOG_INFO,
+Index: shadow-4.0.18.1/src/pwck.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/pwck.c	2006-05-07 19:44:39.000000000 +0200
++++ shadow-4.0.18.1/src/pwck.c	2006-10-21 16:26:23.000000000 +0200
+@@ -49,6 +49,8 @@
+ extern void __spw_del_entry (const struct commonio_entry *);
+ extern struct commonio_entry *__spw_get_head (void);
+ 
++extern int yes_or_no (int);
++
+ /*
+  * Exit codes
+  */
+@@ -73,7 +75,6 @@
+ 
+ /* local function prototypes */
+ static void usage (void);
+-static int yes_or_no (void);
+ 
+ /*
+  * usage - print syntax message and exit
+@@ -86,31 +87,6 @@
+ }
+ 
+ /*
+- * yes_or_no - get answer to question from the user
+- */
+-static int yes_or_no (void)
+-{
+-	char buf[80];
+-
+-	/*
+-	 * In read-only mode all questions are answered "no".
+-	 */
+-
+-	if (read_only) {
+-		printf (_("No\n"));
+-		return 0;
+-	}
+-
+-	/*
+-	 * Get a line and see what the first character is.
+-	 */
+-	if (fgets (buf, sizeof buf, stdin))
+-		return buf[0] == 'y' || buf[0] == 'Y';
+-
+-	return 0;
+-}
+-
+-/*
+  * pwck - verify password file integrity
+  */
+ int main (int argc, char **argv)
+@@ -261,7 +237,7 @@
+ 			/*
+ 			 * prompt the user to delete the entry or not
+ 			 */
+-			if (!yes_or_no ())
++			if (!yes_or_no (read_only))
+ 				continue;
+ 
+ 			/*
+@@ -316,7 +292,7 @@
+ 			/*
+ 			 * prompt the user to delete the entry or not
+ 			 */
+-			if (yes_or_no ())
++			if (yes_or_no (read_only))
+ 				goto delete_pw;
+ 		}
+ 
+@@ -382,7 +358,7 @@
+ 				printf (_("add user '%s' in %s? "),
+ 					pwd->pw_name, spw_file);
+ 				errors++;
+-				if (yes_or_no ()) {
++				if (yes_or_no (read_only)) {
+ 					struct spwd sp;
+ 					struct passwd pw;
+ 
+@@ -462,7 +438,7 @@
+ 			/*
+ 			 * prompt the user to delete the entry or not
+ 			 */
+-			if (!yes_or_no ())
++			if (!yes_or_no (read_only))
+ 				continue;
+ 
+ 			/*
+@@ -517,7 +493,7 @@
+ 			/*
+ 			 * prompt the user to delete the entry or not
+ 			 */
+-			if (yes_or_no ())
++			if (yes_or_no (read_only))
+ 				goto delete_spw;
+ 		}
+ 
+@@ -538,7 +514,7 @@
+ 			/*
+ 			 * prompt the user to delete the entry or not
+ 			 */
+-			if (yes_or_no ())
++			if (yes_or_no (read_only))
+ 				goto delete_spw;
+ 		}
+ 
--- shadow-4.0.18.1.orig/debian/patches/README.patches
+++ shadow-4.0.18.1/debian/patches/README.patches
@@ -0,0 +1,71 @@
+Small intro to the system for numbering the patches here...
+
+-The 0xx series of patches are patches isolated from the latest
+ version of the shadow Debian package not using quilt in order to
+ separate upstream from Debian-specific stuff.
+
+ NO MORE PATCHES SHOULD BE ADDED IN THESE SERIES
+
+-The 1xx series are l10n patches to upstream 4.0.18.1. As upstream has
+ adopted Debian translations, it is very likely that these patches
+ will become useless when we will have synced with upstream
+
+-The 2xx series are patches for manual pages translations to upstream
+ 4.0.18.1.
+
+-The 3xx series are patches which have been temporarily applied to 
+ Debian's shadow while we *know* they have been applied upstream as well
+ These patches should NOT be kept when we will sync with upstream
+
+-The 4xx series are patches which have been applied to Debian's shadow
+ and have NOT been accepted and/or applied upstream. These patches MUST be kept
+ even after resynced with upstream
+
+-The 5xx series are patches which are applied to Debian's shadow
+ and will never be proposed upstream because they're too specific
+ This list SHOULD BE AS SHORT AS POSSIBLE
+
+In short, while we are working towards synchronisation with upstream,
+our goal is to make 0xx patches disappear by moving them either to 3xx
+series (things already implemented upstream) or to 4xx series
+(Debian-specific patches).
+
+
+Short HOWTO for quilt
+=====================
+
+The quilt system can be assimilated to a Pile Of Patches management system.
+Patches live in debian/patches, the working directory is "."
+
+The basic commands are (abbreviation accepted):
+quilt push (asks to apply the next patch in the pile)
+quilt pop  (removes the current patch and go up in the pile)
+quilt refresh (take the current changes in tree onto the patch)
+
+When a file is changed by a patch, quilt saves it somewhere under .pc on
+application. This is how it can refresh it afterward (comparing the version
+in .pc and the one you currently have in your working dir).
+
+There are three common pitfalls with quilt:
+ - doing "quilt pop" without doing "quilt refresh". The version of current
+     dir is replaced with the version of the .pc dir. Your changes are lost.
+   Quilt wont let you do so, but you can force it with '-f' if you're fool.
+ - editing a file with is not in the patch yet. Quilt didn't do any previous
+     backup.
+   Use "quilt add" to add files to patches.
+   Set $EDITOR and use "quilt edit" to edit a file, and add it onto the
+     patch if needed.
+ - If you update your working directory, patches may not revert cleanly.
+   It is thus recommended to use "quilt pop -a" before updating with
+   "svn up".
+   If you forget (and run into trouble), you may want to remove the whole
+   shadow-?.?.? directory. If you use the makefile which is in the upper
+   directory (trunk/), shadow-?.?.?/debian/patches is a link to
+   debian/patches, so this dirctory does not contain any valuable info.
+
+The documentation is quite well done, I think. "quilt -h" will list you the
+commands. "quilt <cmd> -h" will give you some hints about it. "man quilt" is
+a reference documentation. /usr/share/doc/quilt/quilt.pdf.gz is a complete
+manual, with tutorial.
+
+
--- shadow-4.0.18.1.orig/debian/patches/542_useradd-O_option
+++ shadow-4.0.18.1/debian/patches/542_useradd-O_option
@@ -0,0 +1,44 @@
+Goal: accepts the -O flag for backward compatibility. (was used by adduser?)
+
+Note: useradd.8 needs to be regenerated.
+
+Status wrt upstream: not included as this is just specific 
+                     backward compatibility for Debian
+
+Index: shadow-4.0.18.1/man/useradd.8.xml
+===================================================================
+--- shadow-4.0.18.1.orig/man/useradd.8.xml	2006-09-17 12:17:59.836052044 +0200
++++ shadow-4.0.18.1/man/useradd.8.xml	2006-09-17 12:18:01.136062380 +0200
+@@ -201,6 +201,11 @@
+ 	    <replaceable>UID_MIN</replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>
+ 	    doesn't work yet.
+ 	  </para>
++          <para>
++            For the compatibility with previous Debian's
++            <command>useradd</command>, the <option>-O</option> option is
++            also supported.
++          </para>
+ 	</listitem>
+       </varlistentry>
+       <varlistentry>
+Index: shadow-4.0.18.1/src/useradd.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/useradd.c	2006-09-17 12:17:58.252039450 +0200
++++ shadow-4.0.18.1/src/useradd.c	2006-09-17 12:18:01.140062412 +0200
+@@ -1023,7 +1023,7 @@
+ 			{NULL, 0, NULL, '\0'}
+ 		};
+ 		while ((c =
+-			getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMop:s:u:",
++			getopt_long (argc, argv, "b:c:d:De:f:g:G:k:O:K:mMop:s:u:",
+ 				     long_options, NULL)) != -1) {
+ 			switch (c) {
+ 			case 'b':
+@@ -1142,6 +1142,7 @@
+ 				kflg++;
+ 				break;
+ 			case 'K':
++			case 'O': /* compatibility with previous Debian useradd */
+ 				/*
+ 				 * override login.defs defaults (-K name=value)
+ 				 * example: -K UID_MIN=100 -K UID_MAX=499
--- shadow-4.0.18.1.orig/debian/patches/491_configure.in_friendly_selinux_detection
+++ shadow-4.0.18.1/debian/patches/491_configure.in_friendly_selinux_detection
@@ -0,0 +1,50 @@
+Goal: detect that SE Linux is not present without failing if
+      --without-selinux or --with-selinux is not specified.
+
+Fix: FTBFS on kfreebsd (and probably The Hurd)
+
+Author: Mike Frysinger <vapier@gentoo.org>
+
+Status wrt upstream: reported by Mike, not applied yet
+
+Index: shadow-4.0.18.1/configure.in
+===================================================================
+--- shadow-4.0.18.1.orig/configure.in	2006-08-03 12:17:21.000000000 +0200
++++ shadow-4.0.18.1/configure.in	2006-09-17 12:18:10.116133780 +0200
+@@ -220,7 +220,7 @@
+ 	[with_libpam=$withval], [with_libpam=yes])
+ AC_ARG_WITH(selinux,
+ 	[AC_HELP_STRING([--with-selinux], [use SELinux support @<:@default=autodetect@:>@])],
+-	[with_selinux=$withval], [with_selinux=yes])
++	[with_selinux=$withval], [with_selinux=maybe])
+ AC_ARG_WITH(skey,
+ 	[AC_HELP_STRING([--with-skey], [use S/Key support @<:@default=no@:>@])],
+ 	[with_skey=$withval], [with_skey=no])
+@@ -282,15 +282,22 @@
+ 		AC_DEFINE(HAVE_LIBCRACK_PW, 1, [Defined if it includes *Pw functions.]))
+ fi
+ 
+-if test "$with_selinux" = "yes"; then
++if test "$with_selinux" != "no"; then
++	have_selinux="yes"
+ 	AC_CHECK_LIB(selinux, is_selinux_enabled,
+ 		[LIBSELINUX="-lselinux"
++		],
++		[have_selinux="no"])
++	if test "x$have_selinux$with_selinux" = "xnoyes" ; then
++		AC_MSG_ERROR([libselinux not found])
++	elif test "x$have_selinux" = "xyes" ; then
+ 		AC_SUBST(LIBSELINUX)
+-		AC_CHECK_HEADERS(selinux/selinux.h, [],
+-			[AC_MSG_ERROR([selinux/selinux.h is missing])])
++		with_selinux="yes"
++		AC_CHECK_HEADERS(selinux/selinux.h, [], [selinux/selinux.h is missing])
+ 		AC_DEFINE(WITH_SELINUX, 1, [Build shadow with SELinux support])
+-		],
+-		[AC_MSG_ERROR([libselinux not found])])
++	else
++		with_selinux="no"
++	fi
+ fi
+ 
+ AC_SUBST(LIBPAM)
--- shadow-4.0.18.1.orig/debian/patches/104_man-sv
+++ shadow-4.0.18.1/debian/patches/104_man-sv
@@ -0,0 +1,275 @@
+Goal: Fix Swedish manpages's PO file encoding.
+
+Fixes: #403210
+
+Status wrt upstream: Applied in CVS
+
+Index: shadow-4.0.18.1/man/sv/sv.po
+===================================================================
+--- shadow-4.0.18.1.orig/man/sv/sv.po	2007-02-25 16:36:02.000000000 +0100
++++ shadow-4.0.18.1/man/sv/sv.po	2007-02-25 16:36:19.000000000 +0100
+@@ -2,7 +2,7 @@
+ msgstr ""
+ "Project-Id-Version: man pages for shadow 4.0.18\n"
+ "POT-Creation-Date: 2006-07-24 07:49+0200\n"
+-"PO-Revision-Date: 2006-07-20 15:34+0100\n"
++"PO-Revision-Date: 2007-02-25 16:34+0100\n"
+ "Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
+ "Language-Team: Swedish <debian-l10n-swedish@lists.debian.org>\n"
+ "MIME-Version: 1.0\n"
+@@ -98,7 +98,7 @@
+ "respektive. Med flaggan <option>-s</option>, kommer de att redigera "
+ "skuggversionerna av dessa filer, <filename>/etc/shadow</filename> och "
+ "<filename>/etc/gshadow</filename>, respektive. Programmen kommer att ställa "
+-"in de lämpliga lås som behövs för att förhindra att filerna skadas. När de "
++"in de lämpliga lås som behövs för att förhindra att filerna skadas. När de "
+ "letar efter en redigerare kommer programmen att första försöka med "
+ "miljövariabeln <envar>$VISUAL</envar>, sedan miljövariabeln <envar>$EDITOR</"
+ "envar> och till sist standardredigeraren, <citerefentry><refentrytitle>vi</"
+@@ -819,7 +819,7 @@
+ #: useradd.8.xml:11(refpurpose)
+ msgid "create a new user or update default new user information"
+ msgstr ""
+-"skapa en ny användare eller uppdatera standardinformation för nya användare"
++"skapa en ny användare eller uppdatera standardinformation för nya användare"
+ 
+ #: useradd.8.xml:23(arg) useradd.8.xml:27(arg)
+ msgid "-D"
+@@ -1054,7 +1054,7 @@
+ "lower case letters, underscores, dashes, and dollar signs may follow. In "
+ "regular expression terms: [a-z_][a-z0-9_-]*[$]"
+ msgstr ""
+-"Användarnamn måste börja med en gemen bokstav eller ett understreck och fÃ¥r "
++"Användarnamn måste börja med en gemen bokstav eller ett understreck och får "
+ "endast innehålla gemener, understreck, minustecken och på slutet ett dollar-"
+ "tecken. I reguljära uttryckstermer: [a-z_][a-z0-9_-]*[$]"
+ 
+@@ -1242,8 +1242,8 @@
+ "delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+ "a list of usernames delimited by \",\""
+ msgstr ""
+-"Där till-id är antingen ordet <emphasis>ALL</emphasis>, en lista med anvÃ"
+-"¤ndarnamn separerade med \",\" eller orden <emphasis>ALL EXCEPT</emphasis> "
++"Där till-id är antingen ordet <emphasis>ALL</emphasis>, en lista med "
++"användarnamn separerade med \",\" eller orden <emphasis>ALL EXCEPT</emphasis> "
+ "följt av en lista med användarnamn separerade med \",\""
+ 
+ #: suauth.5.xml:53(para)
+@@ -1416,8 +1416,8 @@
+ "user logged in directly."
+ msgstr ""
+ "<command>su</command> används för att bli en annan användare under en "
+-"inloggningssession. Om det startas utan <option>användarnamn</option>, vÃ"
+-"¤ljer <command>su</command> superanvändaren. Det valfria argumentet <option>-"
++"inloggningssession. Om det startas utan <option>användarnamn</option>, "
++"väljer <command>su</command> superanvändaren. Det valfria argumentet <option>-"
+ "</option> kan användas för att tillhandahålla en miljö som liknar den som "
+ "användaren skulle förvänta sig om användaren hade loggat in direkt."
+ 
+@@ -1532,8 +1532,8 @@
+ "<filename>/bin/sh</filename> if a shell could not be found by any above "
+ "method."
+ msgstr ""
+-"<filename>/bin/sh</filename> om ett skal inte kunde hittas med någon ovanstÃ"
+-"¥ende metod."
++"<filename>/bin/sh</filename> om ett skal inte kunde hittas med någon "
++"ovanstående metod."
+ 
+ #: su.1.xml:114(para)
+ msgid ""
+@@ -1566,8 +1566,8 @@
+ "If the target user has a restricted shell, this option has no effect (unless "
+ "<command>su</command> is called by root)."
+ msgstr ""
+-"Om målanvändaren har ett begränsat skal har denna flagga ingen effekt (sÃ"
+-"¥vida inte <command>su</command> har startats av root)."
++"Om målanvändaren har ett begränsat skal har denna flagga ingen effekt "
++"(såvida inte <command>su</command> har startats av root)."
+ 
+ #: su.1.xml:169(para)
+ msgid ""
+@@ -1757,7 +1757,7 @@
+ "This file must not be readable by regular users if password security is to "
+ "be maintained."
+ msgstr ""
+-"Denna fil får inte vara läsbar av vanliga användare om lösenordssäkerheten "
++"Denna fil får inte vara läsbar av vanliga användare om lösenordssäkerheten "
+ "ska upprätthållas."
+ 
+ #: shadow.5.xml:124(para)
+@@ -2321,7 +2321,7 @@
+ "emphasis> och <emphasis>oper</emphasis> på <filename>/dev/console</filename> "
+ "när som helst. Detta illustrerar hur filen <filename>/etc/porttime</"
+ "filename> är en ordnad lista för åtkomsttider. Alla andra användare skulle "
+-"matcha den andra poster, vilken inte tillåter någon Ã¥tkomst oavsett tid."
++"matcha den andra poster, vilken inte tillåter någon åtkomst oavsett tid."
+ 
+ #: porttime.5.xml:62(programlisting)
+ #, no-wrap
+@@ -2373,7 +2373,7 @@
+ "<filename>/etc/passwd</filename> contains one line for each user account, "
+ "with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+ msgstr ""
+-"<filename>/etc/passwd</filename> innehåller en rad för varje användarkonto "
++"<filename>/etc/passwd</filename> innehåller en rad för varje användarkonto "
+ "men sju fält separerade med kolontecken (<quote>:</quote>). Dessa fält är:"
+ 
+ #: passwd.5.xml:27(para)
+@@ -2492,9 +2492,9 @@
+ "login shell, or his/her password expiry date and interval."
+ msgstr ""
+ "<command>passwd</command> ändrar lösenord för användarkonton. En vanlig "
+-"användare kan endast ändra lösenordet för sitt egna konto men superanvÃ"
+-"¤ndaren kan ändra lösenord för alla konton. <command>passwd</command> Ã"
+-"¤ndrar även kontoinformation, såsom det fullständiga namnet för användaren, "
++"användare kan endast ändra lösenordet för sitt egna konto men "
++"superanvändaren kan ändra lösenord för alla konton. <command>passwd</command> "
++"ändrar även kontoinformation, såsom det fullständiga namnet för användaren, "
+ "användarens inloggningsskal eller hans/hennes utgångsdatum för lösenordet "
+ "och intervall."
+ 
+@@ -2509,8 +2509,8 @@
+ "user has only one chance to enter the correct password. The super user is "
+ "permitted to bypass this step so that forgotten passwords may be changed."
+ msgstr ""
+-"Användaren frågas först efter hans/hennes gamla lösenord, om det finns nÃ"
+-"¥got. Detta lösenord krypteras sedan och jämförs mot det lagrade lösenordet. "
++"Användaren frågas först efter hans/hennes gamla lösenord, om det finns "
++"något. Detta lösenord krypteras sedan och jämförs mot det lagrade lösenordet. "
+ "Användaren har endast en chans att ange det korrekta lösenordet. "
+ "Superanvändaren tillåts kringgå detta steg så att bortglömda lösenord kan "
+ "ändras."
+@@ -2521,8 +2521,8 @@
+ "to see if the user is permitted to change the password at this time. If not, "
+ "<command>passwd</command> refuses to change the password and exits."
+ msgstr ""
+-"Efter att lösenordet har matats in kontrolleras lösenordets Ã"
+-"¥ldringsinformation för att se om användaren tillåts att ändra lösenord för "
++"Efter att lösenordet har matats in kontrolleras lösenordets "
++"åldringsinformation för att se om användaren tillåts att ändra lösenord för "
+ "tillfället. Om inte, nekar <command>passwd</command> att ändra lösenordet "
+ "och avslutas."
+ 
+@@ -2582,7 +2582,7 @@
+ msgstr ""
+ "Säkerhet i ett lösenord beror på styrkan på krypteringsalgoritmen och "
+ "nyckellängden. Krypteringsmetoden för <emphasis>UNIX-system</emphasis> är "
+-"baserad på NBS DES-algoritmen och är mycket säker. Längden på nyckeln är "
++"baserad på NBS DES-algoritmen och är mycket säker. Längden på nyckeln är "
+ "beroende på slumpmässigheten för det valda lösenordet."
+ 
+ #: passwd.1.xml:96(para)
+@@ -2607,7 +2607,7 @@
+ "For example, Pass%word."
+ msgstr ""
+ "Ditt lösenord måste vara lätt att komma ihåg så att du inte behöver skriva "
+-"ner det på en papperslapp. Detta kan göras genom att lägga till tvÃ¥ små ord "
++"ner det på en papperslapp. Detta kan göras genom att lägga till två små ord "
+ "tillsammans och separera dem med ett specialtecken eller siffra. Till "
+ "exempel, Pass%word."
+ 
+@@ -2668,7 +2668,7 @@
+ "Delete a user's password (make it empty). This is a quick way to disable a "
+ "password for an account. It will set the named account passwordless."
+ msgstr ""
+-"Ta bort en användares lösenord (gör det blankt). Detta är ett snabbt sätt "
++"Ta bort en användares lösenord (gör det blankt). Detta är ett snabbt sätt "
+ "att inaktivera ett lösenord för ett konto. Det kommer att ta bort det "
+ "angivna kontots lösenord."
+ 
+@@ -2701,7 +2701,7 @@
+ msgstr ""
+ "Denna flagga används för att inaktivera ett konto efter att lösenordet har "
+ "varit utgånget i ett antal dagar. Efter att ett användarkonto har haft ett "
+-"utgånget lösenord i <replaceable>INAKTIV</replaceable> dagar får användaren "
++"utgånget lösenord i <replaceable>INAKTIV</replaceable> dagar får användaren "
+ "inte längre logga in med detta konto."
+ 
+ #: passwd.1.xml:199(term)
+@@ -2728,7 +2728,7 @@
+ "password to a value which matches no possible encrypted value."
+ msgstr ""
+ "Lås angivet konto. Denna flagga inaktiverar ett konto genom att ändra "
+-"lösenordet till ett värde som inte matchar något möjligt krypterat värde."
++"lösenordet till ett värde som inte matchar något möjligt krypterat värde."
+ 
+ #: passwd.1.xml:222(term) chage.1.xml:109(term)
+ msgid ""
+@@ -2777,7 +2777,7 @@
+ "Första fältet är användarens inloggningsnamn. Det andra fältet indikerar om "
+ "användarkontot är låst (L), saknar lösenord (NP) eller har ett användbart "
+ "lösenord (P). Det tredje fältet anger datumet för senaste "
+-"lösenordsändringen. De nästa fyra fälten är minimal ålder, maximal Ã¥lder, "
++"lösenordsändringen. De nästa fyra fälten är minimal ålder, maximal ålder, "
+ "varningsperiod och inaktivitetsperiod för lösenordet. Dessa åldrar anges i "
+ "dagar."
+ 
+@@ -2791,8 +2791,8 @@
+ "password back to its previous value (to value before using <option>-l</"
+ "option> option)."
+ msgstr ""
+-"Lås upp angivet konto. Denna flagga återaktiverar ett konto genom att ändra "
+-"tillbaka lösenordet till dess tidigare värde (till värdet före användning "
++"Lås upp angivet konto. Denna flagga återaktiverar ett konto genom att ändra "
++"tillbaka lösenordet till dess tidigare värde (till värdet före användning "
+ "av flaggan <option>-l</option>)."
+ 
+ #: passwd.1.xml:283(term)
+@@ -2811,7 +2811,7 @@
+ "about to expire."
+ msgstr ""
+ "Sätter antalet dagar för varning före ett lösenord behöver ändras. Flaggan "
+-"<replaceable>VARN_DAGAR</replaceable> är antalet dagar före användaren "
++"<replaceable>VARN_DAGAR</replaceable> är antalet dagar före användaren "
+ "varnas om att lösenordet är på väg att bli utgånget."
+ 
+ #: passwd.1.xml:296(term)
+@@ -2840,7 +2840,7 @@
+ "Inte alla flaggor kanske stöds. Kontroll av lösenordskomplexiteten kan "
+ "variera mellan olika system. Användare rekommenderas att välja ett lösenord "
+ "som är så komplext som han eller hon känner sig komfortabel med. Användare "
+-"kanske inte kan ändra sina lösenord på ett system om NIS är aktiverat och "
++"kanske inte kan ändra sina lösenord på ett system om NIS är aktiverat och "
+ "de inte är inloggade mot NIS-servern."
+ 
+ #: passwd.1.xml:353(para) chage.1.xml:212(para)
+@@ -2900,8 +2900,8 @@
+ "available and exits non-zero. It is intended as a replacement shell field "
+ "for accounts that have been disabled."
+ msgstr ""
+-"<command>nologin</command> visar ett meddelande om att kontot inte är tillgÃ"
+-"¤ngligt och avslutas med icke-noll-status. Det är tänkt som ett ersättande "
++"<command>nologin</command> visar ett meddelande om att kontot inte är "
++"tillgängligt och avslutas med icke-noll-status. Det är tänkt som ett ersättande "
+ "skalfält för konton som har inaktiverats."
+ 
+ #: nologin.8.xml:27(para)
+@@ -4451,7 +4451,7 @@
+ "You may not remove the primary group of any existing user. You must remove "
+ "the user before you remove the group."
+ msgstr ""
+-"Du får inte ta bort den primära gruppen för någon existerande användare. Du "
++"Du får inte ta bort den primära gruppen för någon existerande användare. Du "
+ "måste ta bort användaren innan du tar bort gruppen."
+ 
+ #: groupdel.8.xml:80(para)
+@@ -5039,7 +5039,7 @@
+ "Remember to set permissions or umask to prevent readability of unencrypted "
+ "files by other users."
+ msgstr ""
+-"Kom ihåg att ställa in rättigheter eller umask för att förhindra läsning av "
++"Kom ihåg att ställa in rättigheter eller umask för att förhindra läsning av "
+ "okrypterade filer för andra användare."
+ 
+ #: chpasswd.8.xml:86(para)
+@@ -5072,8 +5072,8 @@
+ "groups. Each line is of the format:"
+ msgstr ""
+ "<command>chgpasswd</command> läser en lista på gruppnamn och lösenordspar "
+-"från standard in och använder denna information för att uppdatera en uppsÃ"
+-"¤ttning redan existerande grupper. Varje rad är i formatet:"
++"från standard in och använder denna information för att uppdatera en "
++"uppsättning redan existerande grupper. Varje rad är i formatet:"
+ 
+ #: chgpasswd.8.xml:30(para)
+ msgid ""
--- shadow-4.0.18.1.orig/debian/patches/501_commonio_group_shadow
+++ shadow-4.0.18.1/debian/patches/501_commonio_group_shadow
@@ -0,0 +1,39 @@
+Goal: save the [g]shadow files with the 'shadow' group and mode 0440
+
+Fixes: #166793
+
+Index: shadow-4.0.18.1/lib/commonio.c
+===================================================================
+--- shadow-4.0.18.1.orig/lib/commonio.c	2006-06-08 15:36:11.000000000 +0200
++++ shadow-4.0.18.1/lib/commonio.c	2006-09-17 12:18:03.020077360 +0200
+@@ -13,6 +13,7 @@
+ #include <stdio.h>
+ #include <signal.h>
+ #include <pwd.h>
++#include <grp.h>
+ #include <nscd.h>
+ #ifdef HAVE_SHADOW_H
+ #include <shadow.h>
+@@ -699,13 +700,20 @@
+ 			goto fail;
+ 		}
+ 	} else {
++		struct group *grp;
+ 		/*
+ 		 * Default permissions for new [g]shadow files.
+ 		 * (passwd and group always exist...)
+ 		 */
+-		sb.st_mode = 0400;
++		sb.st_mode = 0440;
+ 		sb.st_uid = 0;
+-		sb.st_gid = 0;
++		/*
++		 * Try to retrieve the shadow's GID, and fall back to GID 0.
++		 */
++		if ((grp = getgrnam("shadow")) != NULL)
++			sb.st_gid = grp->gr_gid;
++		else
++			sb.st_gid = 0;
+ 	}
+ 
+ 	snprintf (buf, sizeof buf, "%s+", db->filename);
--- shadow-4.0.18.1.orig/debian/patches/429_login_FAILLOG_ENAB
+++ shadow-4.0.18.1/debian/patches/429_login_FAILLOG_ENAB
@@ -0,0 +1,95 @@
+Goal: Re-enable logging and displaying failures on login when login is
+      compiled with PAM and when FAILLOG_ENAB is set to yes. And create the
+      faillog file if it does not exist on postinst (as on Woody).
+Depends: 008_login_more_LOG_UNKFAIL_ENAB
+Fixes: #192849
+
+Note: It could be removed if pam_tally could report the number of failures
+      preceding a successful login.
+
+Index: shadow-4.0.18.1/src/login.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/login.c	2006-09-17 12:17:54.972013371 +0200
++++ shadow-4.0.18.1/src/login.c	2006-09-17 12:17:55.628018587 +0200
+@@ -130,11 +130,11 @@
+ static void setup_tty (void);
+ static void check_flags (int, char *const *);
+ 
++static struct faillog faillog;
++
+ #ifndef USE_PAM
+ extern int login_access (const char *, const char *);
+ 
+-static struct faillog faillog;
+-
+ static void bad_time_notify (void);
+ static void check_nologin (void);
+ #endif
+@@ -668,6 +668,8 @@
+ 			    SYSLOG ((LOG_NOTICE,
+ 				    "TOO MANY LOGIN TRIES (%d)%s FOR `%s'",
+ 				    failcount, fromhost, failent_user));
++			    if (pwd && getdef_bool("FAILLOG_ENAB"))
++			      failure (pwent.pw_uid, tty, &faillog);
+ 			    fprintf(stderr,
+ 				    _("Maximum number of tries exceeded (%d)\n"),
+ 				    failcount);
+@@ -685,6 +687,13 @@
+ 				   pam_strerror (pamh, retcode)));
+ 			    failed = 1;
+ 			  }
++			  if (pwd && getdef_bool("FAILLOG_ENAB") &&
++			      ! failcheck (pwent.pw_uid, &faillog, failed)) {
++			    SYSLOG((LOG_CRIT,
++			           "exceeded failure limit for `%s' %s",
++			           failent_user, fromhost));
++			    failed = 1;
++			  }
+ 
+ 			  if (!failed)
+ 			    break;
+@@ -716,6 +725,8 @@
+ #endif				/* WITH_AUDIT */
+ 
+ 			  fprintf(stderr,"\nLogin incorrect\n");
++			  if (pwd && getdef_bool("FAILLOG_ENAB"))
++			    failure (pwent.pw_uid, tty, &faillog);
+ 			  if (getdef_str("FTMP_FILE") != NULL) {
+ #if HAVE_UTMPX_H
+ 			    failent = utxent;
+@@ -1075,6 +1086,7 @@
+ 		 */
+ #ifndef USE_PAM
+ 		motd ();	/* print the message of the day */
++#endif
+ 		if (getdef_bool ("FAILLOG_ENAB")
+ 		    && faillog.fail_cnt != 0) {
+ 			failprint (&faillog);
+@@ -1088,6 +1100,7 @@
+ 					 username, (int) faillog.fail_cnt));
+ 			}
+ 		}
++#ifndef USE_PAM
+ 		if (getdef_bool ("LASTLOG_ENAB")
+ 		    && lastlog.ll_time != 0) {
+ 			time_t ll_time = lastlog.ll_time;
+Index: shadow-4.0.18.1/lib/getdef.c
+===================================================================
+--- shadow-4.0.18.1.orig/lib/getdef.c	2006-09-17 12:17:54.992013530 +0200
++++ shadow-4.0.18.1/lib/getdef.c	2006-09-17 12:17:55.628018587 +0200
+@@ -56,6 +56,7 @@
+ 	{"ENV_SUPATH", NULL},
+ 	{"ERASECHAR", NULL},
+ 	{"FAIL_DELAY", NULL},
++	{"FAILLOG_ENAB", NULL},
+ 	{"FAKE_SHELL", NULL},
+ 	{"FTMP_FILE", NULL},
+ 	{"GID_MAX", NULL},
+@@ -88,7 +89,6 @@
+ 	{"ENV_HZ", NULL},
+ 	{"ENVIRON_FILE", NULL},
+ 	{"ENV_TZ", NULL},
+-	{"FAILLOG_ENAB", NULL},
+ 	{"ISSUE_FILE", NULL},
+ 	{"LASTLOG_ENAB", NULL},
+ 	{"LOGIN_STRING", NULL},
--- shadow-4.0.18.1.orig/debian/patches/008_su_no_sanitize_env
+++ shadow-4.0.18.1/debian/patches/008_su_no_sanitize_env
@@ -0,0 +1,13 @@
+Index: shadow-4.0.18.1/src/su.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/su.c	2006-09-17 12:17:47.383953038 +0200
++++ shadow-4.0.18.1/src/su.c	2006-09-17 12:17:52.483993589 +0200
+@@ -304,7 +304,7 @@
+ #endif
+ #endif				/* !USE_PAM */
+ 
+-	sanitize_env ();
++	/* sanitize_env (); */
+ 
+ 	setlocale (LC_ALL, "");
+ 	bindtextdomain (PACKAGE, LOCALEDIR);
--- shadow-4.0.18.1.orig/debian/patches/479_chowntty_debug
+++ shadow-4.0.18.1/debian/patches/479_chowntty_debug
@@ -0,0 +1,62 @@
+Goal: Provide more info when chown_tty() phase of login fails (see #332198).
+
+Related: #332198 (helps to debug)
+
+Status wrt upstream: Not forwarded (dunno if there's any point in this).
+
+This patch increases verbosity of is_my_tty() routine which is called
+from chown_tty() which in turn is part of login sequence. Submitter of
+the bug #332198 sometimes gets telnet session refused, but message in
+syslog is not at all helpful:
+> ... login[453]: unable to determine TTY name, got /dev/pts/1
+and in fact it's misleading, because tty name is detected OK, it's
+is_my_tty() which is failing for a reason yet unknown (I suspect
+corruption of utmp file).
+
+Index: shadow-4.0.18.1/libmisc/chowntty.c
+===================================================================
+--- shadow-4.0.18.1.orig/libmisc/chowntty.c	2005-08-31 19:24:57.000000000 +0200
++++ shadow-4.0.18.1/libmisc/chowntty.c	2006-09-17 12:18:08.256118991 +0200
+@@ -40,6 +40,7 @@
+ #include "defines.h"
+ #include <pwd.h>
+ #include "getdef.h"
++#include <sys/sysmacros.h>
+ /*
+  * is_my_tty -- determine if "tty" is the same as TTY stdin is using
+  */
+@@ -47,12 +48,31 @@
+ {
+ 	struct stat by_name, by_fd;
+ 
+-	if (stat (tty, &by_name) || fstat (0, &by_fd))
++	if (stat (tty, &by_name)) {
++		/* Can use neither strerror() nor "%m" sequence -- first
++		 * is locale-dependent (while SYSLOG isn't) and for second
++		 * the SYSLOG macro isn't errno-transparent.  --xrgtn */
++		int e = errno;
++		SYSLOG ((LOG_WARN, "can't stat(`%s'): errno %i\n", tty, e));
+ 		return 0;
++	}
+ 
+-	if (by_name.st_rdev != by_fd.st_rdev)
++	if (fstat (0, &by_fd)) {
++		int e = errno;
++		SYSLOG ((LOG_WARN, "can't fstat(stdin): errno %i\n", e));
+ 		return 0;
+-	else
++	}
++
++	if (by_name.st_rdev != by_fd.st_rdev) {
++		SYSLOG ((LOG_WARN,
++			 "`%s'.st_rdev(%u,%u) != stdin.st_rdev(%u,%u)\n",
++			 tty,
++			 /* XXX: dev_t is 64bit, gnu_dev_mXXor are used
++			  * which are GNU extn */
++			 major(by_name.st_rdev), minor(by_name.st_rdev),
++			 major(by_fd.st_rdev), minor(by_fd.st_rdev)));
++		return 0;
++	} else
+ 		return 1;
+ }
+ 
--- shadow-4.0.18.1.orig/debian/patches/498_man_nonpam_undefined
+++ shadow-4.0.18.1/debian/patches/498_man_nonpam_undefined
@@ -0,0 +1,26 @@
+Goal: man_nonpam was renamed to man_nopam, but is still used in
+      man/sv/Makefile.am and man/it/Makefile.am
+
+Status wrt upstream: not reported yet
+
+Index: shadow-4.0.18.1/man/sv/Makefile.am
+===================================================================
+--- shadow-4.0.18.1.orig/man/sv/Makefile.am	2006-08-03 12:13:27.000000000 +0200
++++ shadow-4.0.18.1/man/sv/Makefile.am	2006-09-17 12:25:29.031623047 +0200
+@@ -54,4 +54,4 @@
+ 
+ EXTRA_DIST = \
+ 	$(man_MANS) \
+-	$(man_nonpam)
++	$(man_nopam)
+Index: shadow-4.0.18.1/man/it/Makefile.am
+===================================================================
+--- shadow-4.0.18.1.orig/man/it/Makefile.am	2006-08-03 12:11:59.000000000 +0200
++++ shadow-4.0.18.1/man/it/Makefile.am	2006-09-17 12:25:29.031623047 +0200
+@@ -46,5 +46,5 @@
+                         
+ EXTRA_DIST = \
+ 	$(man_MANS) \
+-	$(man_nonpam) \
++	$(man_nopam) \
+ 	id.1
--- shadow-4.0.18.1.orig/debian/patches/434_login_stop_checking_args_after--
+++ shadow-4.0.18.1/debian/patches/434_login_stop_checking_args_after--
@@ -0,0 +1,20 @@
+Goal: terminate argument validation in login when it hits a '--'.
+Fixes: #66368
+
+Status wrt upstream: It could certainly be submitted to upstream.
+                     Upstream comment: "Better will be rewrite login
+                     for use getopt_long()."
+
+Index: shadow-4.0.18.1/src/login.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/login.c	2006-07-10 06:11:32.000000000 +0200
++++ shadow-4.0.18.1/src/login.c	2006-09-17 12:17:54.336008314 +0200
+@@ -253,6 +253,8 @@
+ 	for (arg = 1; arg < argc; arg++) {
+ 		if (argv[arg][0] == '-' && strlen (argv[arg]) > 2)
+ 			usage ();
++		if (!strcmp(argv[arg], "--"))
++			break; /* stop checking on a "--" */
+ 	}
+ }
+ 
--- shadow-4.0.18.1.orig/debian/patches/101_ja
+++ shadow-4.0.18.1/debian/patches/101_ja
@@ -0,0 +1,2120 @@
+Goal: Complete the Japanese translation
+
+Fixes: #381873
+
+Status wrt upstream: Forwarded. Not yet fixed in CVS. We apply it here to be synced with the etch branch
+
+Index: shadow-4.0.18.1/po/ja.po
+===================================================================
+--- shadow-4.0.18.1.orig/po/ja.po	2006-07-26 22:32:45.000000000 +0200
++++ shadow-4.0.18.1/po/ja.po	2006-09-17 12:18:16.644185683 +0200
+@@ -1,14 +1,15 @@
+ # Shadow utils japanese message catalog
+ # Copyright (C) YEAR Free Software Foundation, Inc.
+ # Yasuyuki Furukawa <furukawa@vinelinux.org>, 2000.
++# revised by NAKANO Takeo <nakano@webmasters.gr.jp> since 2004-09-05
+ #
+ msgid ""
+ msgstr ""
+-"Project-Id-Version: shadow 1990827\n"
++"Project-Id-Version: shadow 4.0.18\n"
+ "Report-Msgid-Bugs-To: kloczek@pld.org.pl\n"
+ "POT-Creation-Date: 2006-07-26 22:30+0200\n"
+-"PO-Revision-Date: 2000-06-18 120:22+0900\n"
+-"Last-Translator: Yasuyuki Furukawa <furukawa@vinelinux.org>\n"
++"PO-Revision-Date: 2006-08-07 23:22+0900\n"
++"Last-Translator: NAKANO Takeo <nakano@webmasters.gr.jp>\n"
+ "Language-Team: Japanese\n"
+ "MIME-Version: 1.0\n"
+ "Content-Type: text/plain; charset=UTF-8\n"
+@@ -17,15 +18,15 @@
+ 
+ #, c-format
+ msgid "Could not allocate space for config info.\n"
+-msgstr "設定情報用の空き容量が確保できませんでした.\n"
++msgstr "設定情報用の空き容量が確保できませんでした。\n"
+ 
+ #, c-format
+ msgid "configuration error - unknown item '%s' (notify administrator)\n"
+-msgstr "設定エラー - 不明なアイテム '%s'です  (notify administrator)\n"
++msgstr "設定エラー: 不明な項目 '%s' (管理者に連絡してください)\n"
+ 
+ #, c-format
+ msgid "Warning: unknown group %s\n"
+-msgstr "警告: 不明なグループ %sです\n"
++msgstr "警告: 不明なグループ %s\n"
+ 
+ #, c-format
+ msgid "Warning: too many groups\n"
+@@ -33,134 +34,136 @@
+ 
+ #, c-format
+ msgid "Your password has expired."
+-msgstr "あなたのパスワードは期限が切れました."
++msgstr "あなたのパスワードは期限が切れています。"
+ 
+ #, c-format
+ msgid "Your password is inactive."
+-msgstr "あなたのパスワードはinactiveです."
++msgstr "あなたのパスワードは現在使えません。"
+ 
+ #, c-format
+ msgid "Your login has expired."
+-msgstr "あなたのログインは期限が切れました."
++msgstr "あなたのアカウントは期限が切れました。"
+ 
+ msgid "  Contact the system administrator.\n"
+-msgstr "  システム管理者と相談してください.\n"
++msgstr "  システム管理者と相談してください。\n"
+ 
+ msgid "  Choose a new password.\n"
+-msgstr "  新しいパスワードを選択してください.\n"
++msgstr "  新しいパスワードを選択してください。\n"
+ 
+ #, c-format
+ msgid "Your password will expire in %ld days.\n"
+-msgstr "あなたのパスワードは%ld日中に期限が切れます.\n"
++msgstr "あなたのパスワードはあと %ld 日で期限が切れます。\n"
+ 
+ #, c-format
+ msgid "Your password will expire tomorrow.\n"
+-msgstr "あなたのパスワードは明日に期限が切れます.\n"
++msgstr "あなたのパスワードは明日で期限が切れます。\n"
+ 
+ #, c-format
+ msgid "Your password will expire today.\n"
+-msgstr "あなたのパスワードは本日期限切れです.\n"
++msgstr "あなたのパスワードは本日で期限が切れます。\n"
+ 
+ #, c-format
+ msgid "Unable to change tty %s"
+-msgstr "TTY %sを変更できません"
++msgstr "端末 %s に変更できません"
+ 
+ #, c-format
+ msgid "Environment overflow\n"
+-msgstr "環境オーバーフローです\n"
++msgstr "環境変数領域のオーバーフロー\n"
+ 
+ #, c-format
+ msgid "You may not change $%s\n"
+-msgstr "$%sを変更できません\n"
++msgstr "$%s を変更できません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid ""
+ "%d failure since last login.\n"
+ "Last was %s on %s.\n"
+ msgid_plural ""
+ "%d failures since last login.\n"
+ "Last was %s on %s.\n"
+-msgstr[0] "最後のログインから %d %s.  最後のログインは %s, マシン %s.\n"
++msgstr[0] ""
++"最後のログインから %d 回失敗。\n"
++"最後のログインは %s (マシン %s)。\n"
+ 
+ #, c-format
+ msgid "Too many logins.\n"
+-msgstr "ログインが多すぎます.\n"
++msgstr "ログイン試行数が制限を越えました。\n"
+ 
+ msgid "You have new mail."
+-msgstr "新しいメールが来ています."
++msgstr "新しいメールが来ています。"
+ 
+ msgid "No mail."
+-msgstr "メールはありません."
++msgstr "メールはありません。"
+ 
+ msgid "You have mail."
+-msgstr "メールがあります."
++msgstr "メールがあります。"
+ 
+-#, fuzzy
+ msgid "no change"
+-msgstr "%s: 変更はありません\n"
++msgstr "変更されていません"
+ 
+ msgid "a palindrome"
+-msgstr ""
++msgstr "回文になっています"
+ 
+ msgid "case changes only"
+-msgstr ""
++msgstr "大文字小文字しか変更されていません"
+ 
+ msgid "too similar"
+-msgstr ""
++msgstr "似すぎています"
+ 
+ msgid "too simple"
+-msgstr ""
++msgstr "単純すぎます"
+ 
+ msgid "rotated"
+-msgstr ""
++msgstr "循環になっています"
+ 
+ msgid "too short"
+-msgstr ""
++msgstr "短かすぎます"
+ 
+ #, c-format
+ msgid "Bad password: %s.  "
+-msgstr "不正なパスワードです: %s."
++msgstr "不正なパスワードです: %s "
+ 
+ #, c-format
+ msgid "passwd: pam_start() failed, error %d\n"
+-msgstr "passwd: pam_start: エラー %d\n"
++msgstr "passwd: pam_start() にエラー %d で失敗しました\n"
+ 
+ #, c-format
+ msgid "passwd: %s\n"
+ msgstr "パスワード: %s\n"
+ 
+ msgid "passwd: password updated successfully\n"
+-msgstr ""
++msgstr "passwd: パスワードは正しく更新されました\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "Incorrect password for %s.\n"
+-msgstr "%sのパスワードの変更\n"
++msgstr "%s のパスワードが正しくありません。\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "Unable to cd to '%s'\n"
+-msgstr "\"%s\"へディレクトリ変更できません\n"
++msgstr "'%s' へディレクトリを変更できません\n"
+ 
+ msgid "No directory, logging in with HOME=/"
+-msgstr "ディレクトリがありません. HOME=/ としてログインします"
++msgstr "ディレクトリがありません。HOME=/ としてログインします"
+ 
+ #, c-format
+ msgid "Cannot execute %s"
+-msgstr "%sを実行できません"
++msgstr "%s を実行できません"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "Invalid root directory '%s'\n"
+-msgstr "不正なルートディレクトリ  \"%s\" です\n"
++msgstr "ルートディレクトリ '%s' は不正です\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "Can't change root directory to '%s'\n"
+-msgstr "ルートディレクトリを \"%s\"へ変更できません\n"
++msgstr "ルートディレクトリを '%s' へ変更できません\n"
+ 
+ msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+ msgstr ""
++"utmp にエントリがありません。\"login\" を \"sh\" の最低レベルから行う"
++"必要があります"
+ 
+-#, fuzzy
+ msgid "Unable to determine your tty name."
+-msgstr "%s: あなたのユーザ名を判定できません.\n"
++msgstr "あなたの端末 (tty) 名を決定できません。"
+ 
+ #, c-format
+ msgid "malloc(%d) failed\n"
+@@ -171,7 +174,7 @@
+ 
+ #, c-format
+ msgid "%s's Password: "
+-msgstr "%sのパスワード: "
++msgstr "%s のパスワード: "
+ 
+ #, c-format
+ msgid ""
+@@ -191,21 +194,33 @@
+ "  -W, --warndays WARN_DAYS\tset expiration warning days to WARN_DAYS\n"
+ "\n"
+ msgstr ""
++"使い方: chage [オプション] [ログイン名]\n"
++"\n"
++"オプション\n"
++"  -d, --lastday LAST_DAY\tパスワードの最終変更日を LAST_DAY にする\n"
++"  -E, --expiredate EXPIRE_DATE\tアカウント期限切れの日を EXPIRE_DATE にする\n"
++"  -h, --help\t\t\tこのヘルプを表示して終了する\n"
++"  -I, --inactive INACTIVE\tパスワードを期限切れ後に無効化する日数を\n"
++"\t\t\t\tINACTIVEにする\n"
++"  -l, --list\t\t\tアカウントの経時情報を表示する\n"
++"  -m, --mindays MIN_DAYS\tパスワードが変更できるまでの最短日数を\n"
++"\t\t\t\tMIN_DAYS に変更する\n"
++"  -M, --maxdays MAX_DAYS\tパスワードが変更できる期間の最長日数を\n"
++"\t\t\t\tMAX_DAYS に変更する\n"
++"  -W, --warndays WARN_DAYS\t期限切れ警告の日数を WARN_DAYS にする\n"
+ 
+ #, c-format
+ msgid "Enter the new value, or press ENTER for the default\n"
+-msgstr ""
+-"新しい値を入力してください, 標準設定値を利用するには リターンを押してくださ"
+-"い.\n"
++msgstr "新しい値を入力してください。標準設定値を使うならリターンを押してください\n"
+ 
+ msgid "Minimum Password Age"
+-msgstr "最小パスワード変更不可能日数"
++msgstr "パスワード変更可能までの最短日数"
+ 
+ msgid "Maximum Password Age"
+-msgstr "最大パスワード変更可能日数"
++msgstr "パスワード変更可能期間の最長日数"
+ 
+ msgid "Last Password Change (YYYY-MM-DD)"
+-msgstr "最後パスワード変更日付 (YYYY-MM-DD)"
++msgstr "最後にパスワード変更した日付 (YYYY-MM-DD)"
+ 
+ msgid "Password Expiration Warning"
+ msgstr "パスワード期限切れ警告日数"
+@@ -216,53 +231,53 @@
+ msgid "Account Expiration Date (YYYY-MM-DD)"
+ msgstr "アカウント期限切れ日付 (YYYY-MM-DD)"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "Last password change\t\t\t\t\t: "
+-msgstr "最後パスワード変更日付 (YYYY-MM-DD)"
++msgstr "最終パスワード変更日\t\t\t\t:"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "never\n"
+-msgstr "なし:\n"
++msgstr "なし\n"
+ 
+ #, c-format
+ msgid "password must be changed\n"
+-msgstr "パスワードは変更されました.\n"
++msgstr "パスワードは変更しなければなりません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "Password expires\t\t\t\t\t: "
+-msgstr "パスワード期限:\t"
++msgstr "パスワード期限:\t\t\t\t\t: "
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "Password inactive\t\t\t\t\t: "
+-msgstr "パスワード無効:\t"
++msgstr "パスワード無効化中\t\t\t\t\t: "
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "Account expires\t\t\t\t\t\t: "
+-msgstr "アカウント期限切れ:\t"
++msgstr "アカウント期限切れ\t\t\t\t\t\t: "
+ 
+ #, c-format
+ msgid "Minimum number of days between password change\t\t: %ld\n"
+-msgstr ""
++msgstr "パスワードが変更できるまでの最短日数\t\t: %ld\n"
+ 
+ #, c-format
+ msgid "Maximum number of days between password change\t\t: %ld\n"
+-msgstr ""
++msgstr "パスワードを変更しなくてよい最長日数\t\t: %ld\n"
+ 
+ #, c-format
+ msgid "Number of days of warning before password expires\t: %ld\n"
+-msgstr ""
++msgstr "パスワード期限が切れる前に警告される日数\t\t: %ld\n"
+ 
+ #, c-format
+ msgid "%s: do not include \"l\" with other flags\n"
+-msgstr "%s: 他のフラグのため \"l\" オプションは含ませることができません\n"
++msgstr "%s: \"l\" オプションは他のフラグと同時には指定できません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: Permission denied.\n"
+-msgstr "%s: 権限がありません\n"
++msgstr "%s: 権限がありません。\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: PAM authentication failed\n"
+-msgstr "バイバスによってパスワードを認証します.\n"
++msgstr "%s: PAM 認証に失敗しました\n"
+ 
+ #, c-format
+ msgid "%s: can't open password file\n"
+@@ -270,59 +285,59 @@
+ 
+ #, c-format
+ msgid "%s: unknown user %s\n"
+-msgstr "%s: 不明なユーザ %s です\n"
++msgstr "%s: ユーザ %s は不明です\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: the shadow password file is not present\n"
+-msgstr "%s: シャドウ・パスワード・ファイルを開けません\n"
++msgstr "%s: シャドウパスワードファイルがありません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: can't lock shadow password file\n"
+-msgstr "シャドウ・パスワード・ファイルをロックできません\n"
++msgstr "%s: シャドウパスワードファイルをロックできません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: can't open shadow password file\n"
+-msgstr "%s: シャドウ・パスワード・ファイルを開けません\n"
++msgstr "%s: シャドウパスワードファイルを開けません\n"
+ 
+ #, c-format
+ msgid "%s: failed to drop privileges (%s)\n"
+-msgstr ""
++msgstr "%s: 特権を落とせませんでした (%s)\n"
+ 
+ #, c-format
+ msgid "Changing the aging information for %s\n"
+-msgstr "%sの期限情報を変更中\n"
++msgstr "%s の期限情報を変更中\n"
+ 
+ #, c-format
+ msgid "%s: error changing fields\n"
+-msgstr "%s: 項目変更でエラーが起こりました\n"
++msgstr "%s: フィールド変更の際にエラーが起きました\n"
+ 
+ #, c-format
+ msgid "%s: can't update password file\n"
+-msgstr "%s: パスワード・ファイルを更新しません\n"
++msgstr "%s: パスワードファイルを更新できません\n"
+ 
+ #, c-format
+ msgid "%s: can't update shadow password file\n"
+-msgstr "%s: シャドウ・パスワード・ファイルを更新しません\n"
++msgstr "%s: シャドウパスワードファイルを更新できません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: can't rewrite shadow password file\n"
+-msgstr "%s: シャドウ・パスワード・ファイルを削除できません\n"
++msgstr "%s: シャドウパスワードファイルを書換えできません\n"
+ 
+ #, c-format
+ msgid "%s: can't rewrite password file\n"
+-msgstr "%s: パスワード・ファイルを上書きできません\n"
++msgstr "%s: パスワードファイルを書換えできません\n"
+ 
+ #, c-format
+ msgid ""
+ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+ "\t[-h home_ph] [-o other] [user]\n"
+ msgstr ""
+-"使用法: %s [-f フルネーム] [-r ルームNo] [-w 職場TEL]\n"
++"使用法: %s [-f フルネーム] [-r 部屋番号] [-w 職場TEL]\n"
+ "\t[-h 自宅TEL] [-o その他] [ユーザ]\n"
+ 
+ #, c-format
+ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+-msgstr "使用法: %s [-f フルネーム] [-r ルームNo] [-w 職場TEL] [-h 自宅TEL]\n"
++msgstr "使用法: %s [-f フルネーム] [-r 部屋番号] [-w 職場TEL] [-h 自宅TEL]\n"
+ 
+ msgid "Full Name"
+ msgstr "フルネーム"
+@@ -334,62 +349,62 @@
+ msgid "Room Number"
+ msgstr "部屋番号"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "\tRoom Number: %s\n"
+-msgstr "部屋番号"
++msgstr "\t部屋番号: %s\n"
+ 
+ msgid "Work Phone"
+ msgstr "職場電話番号"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "\tWork Phone: %s\n"
+-msgstr "職場電話番号"
++msgstr "\t職場電話番号: %s\n"
+ 
+ msgid "Home Phone"
+ msgstr "自宅電話番号"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "\tHome Phone: %s\n"
+-msgstr "自宅電話番号"
++msgstr "\t自宅電話番号: %s\n"
+ 
+ msgid "Other"
+ msgstr "その他"
+ 
+ #, c-format
+ msgid "%s: Cannot determine your user name.\n"
+-msgstr "%s: あなたのユーザ名を判定できません.\n"
++msgstr "%s: あなたのユーザ名を判定できません。\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: cannot change user '%s' on NIS client.\n"
+-msgstr "%s: NISクライアント上でユーザ`%s'は変更できません.\n"
++msgstr "%s: NIS クライアントではユーザ '%s' を変更できません。\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: '%s' is the NIS master for this client.\n"
+-msgstr "%s: `%s'がこのクライアント用のNISマスターです.\n"
++msgstr "%s: '%s' がこのクライアントの NIS マスターです。\n"
+ 
+ #, c-format
+ msgid "Changing the user information for %s\n"
+-msgstr "%sのユーザ情報変更中\n"
++msgstr "%s のユーザ情報を変更中\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: invalid name: '%s'\n"
+-msgstr "%s: ユーザ名が不正です: \"%s\"\n"
++msgstr "%s: ユーザ名が不正です: '%s'\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: invalid room number: '%s'\n"
+-msgstr "%s: 部屋番号が不正です: \"%s\"\n"
++msgstr "%s: 部屋番号が不正です: '%s'\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: invalid work phone: '%s'\n"
+-msgstr "%s: 職場電話番号が不正です: \"%s\"\n"
++msgstr "%s: 職場電話番号が不正です: '%s'\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: invalid home phone: '%s'\n"
+-msgstr "%s: 自宅電話番号が不正です: \"%s\"\n"
++msgstr "%s: 自宅電話番号が不正です: '%s'\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: '%s' contains illegal characters\n"
+-msgstr "%s: \"%s\" は不正な文字を含んでいます\n"
++msgstr "%s: '%s' には利用できない文字が含まれています\n"
+ 
+ #, c-format
+ msgid "%s: fields too long\n"
+@@ -397,31 +412,31 @@
+ 
+ #, c-format
+ msgid "Cannot change ID to root.\n"
+-msgstr "IDをrootへ変更できません.\n"
++msgstr "ID を root へ変更できません。\n"
+ 
+ #, c-format
+ msgid "Cannot lock the password file; try again later.\n"
+-msgstr "パスワード・ファイルをロックできません; 後でもう一度試してください.\n"
++msgstr "パスワードファイルをロックできません; 後でもう一度試してください。\n"
+ 
+ #, c-format
+ msgid "Cannot open the password file.\n"
+-msgstr "パスワード・ファイルを開けません.\n"
++msgstr "パスワードファイルを開けません。\n"
+ 
+ #, c-format
+ msgid "%s: %s not found in /etc/passwd\n"
+-msgstr "%s: %sは /etc/passwd中に見付かりません\n"
++msgstr "%s: %s が /etc/passwd 中に見付かりません\n"
+ 
+ #, c-format
+ msgid "Error updating the password entry.\n"
+-msgstr "パスワード入力の更新のエラーです.\n"
++msgstr "パスワードエントリの更新がエラーになりました。\n"
+ 
+ #, c-format
+ msgid "Cannot commit password file changes.\n"
+-msgstr "パスワード・ファイルの変更を確定(commit)できません.\n"
++msgstr "パスワードファイルの変更を書き込めません。\n"
+ 
+ #, c-format
+ msgid "Cannot unlock the password file.\n"
+-msgstr "パスワード・ファイルをロック解除できません.\n"
++msgstr "パスワードファイルのロックを解除できません。\n"
+ 
+ #, c-format
+ msgid ""
+@@ -434,50 +449,58 @@
+ "\t\t\tpasswords are not encrypted\n"
+ "\n"
+ msgstr ""
++"使い方: chgpasswd [オプション]\n"
++"\n"
++"オプション:\n"
++"  -e, --encrypted\t与えたパスワードは暗号化済みである\n"
++"  -h, --help\t\tこのヘルプを表示して終了する\n"
++"  -m, --md5\t\t与えたパスワードが暗号化されていないとき、\n"
++"\t\t\tDES の代わりに MD5 を用いる\n"
++"\n"
+ 
+ #, c-format
+ msgid "%s: can't lock group file\n"
+-msgstr "%s: グループ・ファイルをロックできません\n"
++msgstr "%s: グループファイルをロックできません\n"
+ 
+ #, c-format
+ msgid "%s: can't open group file\n"
+ msgstr "%s: グループファイルを開けません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: can't lock gshadow file\n"
+-msgstr "%s: シャドウ・ファイルをロックできません\n"
++msgstr "%s: gshadow ファイルをロックできません\n"
+ 
+ #, c-format
+ msgid "%s: can't open shadow file\n"
+-msgstr "%s: シャドウ・ファイルを開けません\n"
++msgstr "%s: shadow ファイルを開けません\n"
+ 
+ #, c-format
+ msgid "%s: line %d: line too long\n"
+-msgstr "%s: %d 行: 1行が長過ぎます\n"
++msgstr "%s: %d 行: 行が長過ぎます\n"
+ 
+ #, c-format
+ msgid "%s: line %d: missing new password\n"
+ msgstr "%s: %d 行: 新規パスワードがありません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: line %d: unknown group %s\n"
+-msgstr "%s: %d 行: 不明なユーザ %s です\n"
++msgstr "%s: %d 行: グループ %s は不明です\n"
+ 
+ #, c-format
+ msgid "%s: line %d: cannot update password entry\n"
+-msgstr "%s: %d 行: パスワード入力を更新できません\n"
++msgstr "%s: %d 行: パスワードエントリを更新できません\n"
+ 
+ #, c-format
+ msgid "%s: error detected, changes ignored\n"
+-msgstr "%s: エラーが検出されました, 変更は無効になりました\n"
++msgstr "%s: エラーが検出されました。変更は行いません\n"
+ 
+ #, c-format
+ msgid "%s: error updating shadow file\n"
+-msgstr "%s: シャドウ・ファイルの更新にエラーです\n"
++msgstr "%s: シャドウファイル更新の際にエラーが起きました\n"
+ 
+ #, c-format
+ msgid "%s: error updating password file\n"
+-msgstr "%s: パスワード・ファイルの更新のエラーです\n"
++msgstr "%s: パスワードファイル更新の際にエラーが起きました\n"
+ 
+ #, c-format
+ msgid ""
+@@ -490,6 +513,14 @@
+ "\t\t\tpasswords are not encrypted\n"
+ "\n"
+ msgstr ""
++"使い方: chpasswd [オプション]\n"
++"\n"
++"オプション:\n"
++"  -e, --encrypted\tパスワードを暗号化した状態で渡す\n"
++"  -h, --help\t\tこのヘルプメッセージを表示して終了する\n"
++"  -m, --md5\t\t与えたパスワードが暗号化されていない場合、\n"
++"\t\t\tDES の代わりに MD5 を用いる\n"
++"\n"
+ 
+ #, c-format
+ msgid "%s: can't lock password file\n"
+@@ -497,11 +528,11 @@
+ 
+ #, c-format
+ msgid "%s: can't lock shadow file\n"
+-msgstr "%s: シャドウ・ファイルをロックできません\n"
++msgstr "%s: シャドウファイルをロックできません\n"
+ 
+ #, c-format
+ msgid "%s: line %d: unknown user %s\n"
+-msgstr "%s: %d 行: 不明なユーザ %s です\n"
++msgstr "%s: %d 行: ユーザ %s は不明です\n"
+ 
+ #, c-format
+ msgid ""
+@@ -512,17 +543,23 @@
+ "  -s, --shell SHELL\t\t\tnew login shell for the user account\n"
+ "\n"
+ msgstr ""
++"使い方: chsh [オプション]\n"
++"\n"
++"オプション:\n"
++"  -h, --help\t\tこのヘルプメッセージを表示して終了する\n"
++"  -s, --shell SHELL\tユーザのシェルを新たに SHELL にする\n"
++"\n"
+ 
+ msgid "Login Shell"
+-msgstr "ログイン・シェル"
++msgstr "ログインシェル"
+ 
+ #, c-format
+ msgid "You may not change the shell for %s.\n"
+-msgstr "あなたが %sのシェルを変更することはできません.\n"
++msgstr "あなたが %s のシェルを変更することはできません。\n"
+ 
+ #, c-format
+ msgid "Changing the login shell for %s\n"
+-msgstr "%sのログインシェルを変更中\n"
++msgstr "%s のログインシェルを変更中\n"
+ 
+ #, c-format
+ msgid "%s: Invalid entry: %s\n"
+@@ -530,7 +567,7 @@
+ 
+ #, c-format
+ msgid "%s is an invalid shell.\n"
+-msgstr "%sは不正なシェルです.\n"
++msgstr "%s は不正なシェルです。\n"
+ 
+ #, c-format
+ msgid "Usage: expiry {-f|-c}\n"
+@@ -556,18 +593,31 @@
+ "\t\t\t\tfor user with LOGIN\n"
+ "\n"
+ msgstr ""
++"使い方: faillog [オプション]\n"
++"\n"
++"オプション:\n"
++"  -a, --all\t\t全ユーザの faillog 記録を表示する\n"
++"  -h, --help\t\tこのヘルプメッセージを表示して終了する\n"
++"  -l, --lock-time SEC\tログイン失敗後 SEC 秒アカウントをロックする\n"
++"  -m, --maximum MAX\tログインの失敗が許される回数を MAX にする\n"
++"  -r, --reset\t\tログイン失敗のカウンタをリセットする\n"
++"  -t, --time DAYS\t最近 DAYS 日分の faillog 記録を表示する\n"
++"  -u, --user LOGIN\tユーザ LOGIN の faillog 記録を表示する。\n"
++"\t\t\tあるいは -r, -m, -l が同時に指定された場合は\n"
++"\t\t\tこのユーザの失敗カウンタを操作する\n"
++"\n"
+ 
+ #, c-format
+ msgid "Login       Failures Maximum Latest                   On\n"
+-msgstr ""
++msgstr "ログイン名  失敗     最大    最新                     場所\n"
+ 
+ #, c-format
+ msgid " [%lds left]"
+-msgstr ""
++msgstr "[残り %ld 秒]"
+ 
+ #, c-format
+ msgid " [%lds lock]"
+-msgstr ""
++msgstr "[ロック %ld 秒]"
+ 
+ #, c-format
+ msgid "Unknown User: %s\n"
+@@ -579,7 +629,7 @@
+ 
+ #, c-format
+ msgid "       %s [-a user] group\n"
+-msgstr "       %s [-d ユーザ] グループ\n"
++msgstr "       %s [-a ユーザ] グループ\n"
+ 
+ #, c-format
+ msgid "       %s [-d user] group\n"
+@@ -595,7 +645,7 @@
+ 
+ #, c-format
+ msgid "%s: shadow group passwords required for -A\n"
+-msgstr "%s: シャドウ・グループ・パスワードが -Aに対して必要です\n"
++msgstr "%s: -A にはシャドウグループパスワードが必要です\n"
+ 
+ #, c-format
+ msgid "Who are you?\n"
+@@ -607,7 +657,7 @@
+ 
+ #, c-format
+ msgid "Adding user %s to group %s\n"
+-msgstr "ユーザ %s をグループ %s から追加\n"
++msgstr "ユーザ %s をグループ %s に追加\n"
+ 
+ #, c-format
+ msgid "Removing user %s from group %s\n"
+@@ -615,15 +665,15 @@
+ 
+ #, c-format
+ msgid "%s: unknown member %s\n"
+-msgstr "%s: 不明な番号 %sです\n"
++msgstr "%s: メンバー %s は不明です\n"
+ 
+ #, c-format
+ msgid "%s: Not a tty\n"
+-msgstr "%s: TTYではありません\n"
++msgstr "%s: 端末ではありません\n"
+ 
+ #, c-format
+ msgid "Changing the password for group %s\n"
+-msgstr "%sグループのパスワードを変更\n"
++msgstr "グループ %s のパスワードを変更中\n"
+ 
+ msgid "New Password: "
+ msgstr "新規パスワード: "
+@@ -656,19 +706,19 @@
+ 
+ #, c-format
+ msgid "%s: can't update shadow entry\n"
+-msgstr "%s: シャドウ・エントリを更新できません\n"
++msgstr "%s: シャドウエントリを更新できません\n"
+ 
+ #, c-format
+ msgid "%s: can't re-write file\n"
+-msgstr "%s: ファイルを上書きできません\n"
++msgstr "%s: ファイルを書換えできません\n"
+ 
+ #, c-format
+ msgid "%s: can't re-write shadow file\n"
+-msgstr "%s: シャドウ・ファイルを上書きできません\n"
++msgstr "%s: シャドウファイルを書換えできません\n"
+ 
+ #, c-format
+ msgid "%s: can't unlock file\n"
+-msgstr "%s: ファイルをロックできません\n"
++msgstr "%s: ファイルのロックを解除できません\n"
+ 
+ #, c-format
+ msgid ""
+@@ -684,130 +734,142 @@
+ "\t\t\t\t(non-unique) GID\n"
+ "\n"
+ msgstr ""
++"使い方: groupadd [オプション] グループ名\n"
++"\n"
++"オプション:\n"
++"  -f, --force\t\t\t指定グループが存在していた場合、終了ステータス\n"
++"\t\t\t\tsuccess で強制的に終了する\n"
++"  -g, --gid GID\t\t\t新グループの GID\n"
++"  -h, --help\t\t\tこのヘルプメッセージを表示して終了する\n"
++"  -K, --key KEY=VALUE\t\t/etc/login.defs のデフォルトを変更する\n"
++"  -o, --non-unique\t\t一意でないグループ (GID の重なるグループ) の\n"
++"\t\t\t\t作成を許可する\n"
++"\n"
+ 
+ #, c-format
+ msgid "%s: error adding new group entry\n"
+-msgstr "%s: 新規グループエントリへ追加のエラーです\n"
++msgstr "%s: 新規グループエントリ追加の際にエラーが起きました\n"
+ 
+ #, c-format
+ msgid "%s: name %s is not unique\n"
+ msgstr "%s: 名前 %s は重複しています\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: GID %u is not unique\n"
+-msgstr "%s: ユーザID %u が重複しています\n"
++msgstr "%s: グループ ID %u が重複しています\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: can't get unique GID\n"
+-msgstr "%s: 一意のグループIDを取得できません\n"
++msgstr "%s: 他と重ならないグループ ID を取得できません\n"
+ 
+ #, c-format
+ msgid "%s: %s is not a valid group name\n"
+-msgstr "%s: %s は名前が重複しています\n"
++msgstr "%s: %s はグループ名として正しくありません\n"
+ 
+ #, c-format
+ msgid "%s: cannot rewrite group file\n"
+-msgstr "%s: グループ・ファイルを開けません\n"
++msgstr "%s: グループファイルを書換えできません\n"
+ 
+ #, c-format
+ msgid "%s: cannot rewrite shadow group file\n"
+-msgstr "%s: シャドウ・グループ・ファイルが開けません\n"
++msgstr "%s: シャドウグループファイルを書換えできません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: unable to lock group file\n"
+-msgstr "%s: グループ・ファイルをロックできません\n"
++msgstr "%s: グループファイルをロックできません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: unable to open group file\n"
+ msgstr "%s: グループファイルを開けません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: unable to lock shadow group file\n"
+-msgstr "%s: シャドウ・グループ・ファイルをロックできません\n"
++msgstr "%s: シャドウグループファイルをロックできません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: unable to open shadow group file\n"
+-msgstr "%s: シャドウ・グループ・ファイルが開けません\n"
++msgstr "%s: シャドウグループファイルを開けません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: invalid numeric argument '%s'\n"
+-msgstr "%s: コメント `%s' は不正です\n"
++msgstr "%s: 数値引数 '%s' が正しくありません\n"
+ 
+ #, c-format
+ msgid "%s: -K requires KEY=VALUE\n"
+-msgstr ""
++msgstr "%s: -K には KEY=VALUE が必要です\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: group %s exists\n"
+-msgstr "%s: ユーザ %s は存在します\n"
++msgstr "%s: グループ %s は既に存在します\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "Usage: groupdel group\n"
+ msgstr "使用法: groupdel グループ\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: error removing group entry\n"
+-msgstr "%s: グループ・エントリの更新のエラーです\n"
++msgstr "%s: グループエントリ削除の際にエラーが起きました\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: error removing shadow group entry\n"
+-msgstr "%s: シャドウ・パスワード・エントリ削除のエラーです\n"
++msgstr "%s: シャドウグループエントリ削除の際にエラーが起きました\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: cannot remove user's primary group.\n"
+-msgstr "%s: DBMグループ・エントリを更新できません\n"
++msgstr "%s: ユーザのプライマリグループは削除できません。\n"
+ 
+ #, c-format
+ msgid "%s: group %s does not exist\n"
+-msgstr "%s: %sグループ は存在しません\n"
++msgstr "%s: グループ %s は存在しません\n"
+ 
+ #, c-format
+ msgid "%s: group %s is a NIS group\n"
+-msgstr "%s: %sグループは NIS のグループです\n"
++msgstr "%s: グループ %s は NIS のグループです\n"
+ 
+ #, c-format
+ msgid "%s: %s is the NIS master\n"
+-msgstr "%s: %s は NIS マスターです\n"
++msgstr "%s: %s が NIS マスターです\n"
+ 
+ #, c-format
+ msgid "Member already exists\n"
+-msgstr ""
++msgstr "メンバーは既に存在します\n"
+ 
+ #, c-format
+ msgid "Member to remove could not be found\n"
+-msgstr ""
++msgstr "削除すべきメンバーが見付かりません\n"
+ 
+ #, c-format
+ msgid "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+ msgstr ""
++"使用法: groupmems -a ユーザ名 | -d ユーザ名 | -D | -l [-g グループ名]\n"
+ 
+ #, c-format
+ msgid "Only root can add members to different groups\n"
+-msgstr ""
++msgstr "メンバーを別のグループに追加できるのは root だけです\n"
+ 
+ #, c-format
+ msgid "Group access is required\n"
+-msgstr ""
++msgstr "グループアクセス権が必要です\n"
+ 
+ #, c-format
+ msgid "Not primary owner of current group\n"
+-msgstr ""
++msgstr "現グループのプライマリな所有者ではありません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "PAM authentication failed for\n"
+-msgstr "バイバスによってパスワードを認証します.\n"
++msgstr "PAM 認証に失敗しました\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "Unable to lock group file\n"
+-msgstr "%s: グループ・ファイルをロックできません\n"
++msgstr "グループファイルをロックできません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "Unable to open group file\n"
+-msgstr "%s: グループファイルを開けません\n"
++msgstr "グループファイルを開けません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "Cannot close group file\n"
+-msgstr "%s: グループ・ファイルを開けません\n"
++msgstr "グループファイルをクローズできません\n"
+ 
+ #, c-format
+ msgid ""
+@@ -820,34 +882,43 @@
+ "  -o, --non-unique\t\tallow using duplicate (non-unique) GID by GROUP\n"
+ "\n"
+ msgstr ""
++"使い方: groupmod [オプション] グループ名\n"
++"\n"
++"オプション:\n"
++"  -g, --gid GID\t\t\tグループの新 GID を設定する\n"
++"  -h, --help\t\t\tこのヘルプメッセージを表示して終了する\n"
++"  -n, --new-name NEW_GROUP\tグループの新グループ名を設定する\n"
++"  -o, --non-unique\t\t一意でないグループ (GID の重なるグループ) の\n"
++"\t\t\t\t使用を許可する\n"
++"\n"
+ 
+ #, c-format
+ msgid "%s: %s not found in /etc/group\n"
+ msgstr "%s: /etc/groupに %s が見付かりません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: %u is not a unique GID\n"
+-msgstr "%s: %u はグループIDが重複しています\n"
++msgstr "%s: グループ ID %u は重複しています\n"
+ 
+ #, c-format
+ msgid "%s: %s is not a unique name\n"
+-msgstr "%s: %s は名前が重複しています\n"
++msgstr "%s: 名前 %s は重複しています\n"
+ 
+ #, c-format
+ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+-msgstr "使用法: %s [-r] [-s] [グループ [グループシャドウ]]\n"
++msgstr "使用法: %s [-r] [-s] [group [gshadow]]\n"
+ 
+ #, c-format
+ msgid "Usage: %s [-r] [-s] [group]\n"
+-msgstr "使用法: %s [-r] [-s] [グループ]\n"
++msgstr "使用法: %s [-r] [-s] [group]\n"
+ 
+ #, c-format
+ msgid "No\n"
+-msgstr ""
++msgstr "No\n"
+ 
+ #, c-format
+ msgid "%s: -s and -r are incompatibile\n"
+-msgstr ""
++msgstr "%s: -s と -r は同時に指定できません\n"
+ 
+ #, c-format
+ msgid "%s: cannot lock file %s\n"
+@@ -859,39 +930,39 @@
+ 
+ #, c-format
+ msgid "invalid group file entry\n"
+-msgstr "不正なグループ・ファイルのエントリです\n"
++msgstr "不正なグループファイルエントリです\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "delete line '%s'? "
+-msgstr "`%s'行を削除しますか? "
++msgstr "行 '%s' を削除しますか? "
+ 
+ #, c-format
+ msgid "duplicate group entry\n"
+ msgstr "グループエントリが重複しています\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "invalid group name '%s'\n"
+-msgstr "不正なグループ名 `%s' です\n"
++msgstr "'%s' はグループ名として正しくありません\n"
+ 
+ #, c-format
+ msgid "group %s: no user %s\n"
+ msgstr "グループ %s: ユーザ %s はいません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "delete member '%s'? "
+-msgstr "メンバー `%s' を削除しますか? "
++msgstr "メンバー '%s' を削除しますか? "
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "no matching group file entry in %s\n"
+-msgstr "グループファイルエントリと一致しません\n"
++msgstr "%s には一致するグループファイルエントリがありません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "add group '%s' in %s ?"
+-msgstr "グループ %s: ユーザ %s はいません\n"
++msgstr "グループ %s を %s に追加しますか?"
+ 
+ #, c-format
+ msgid "%s: can't update shadow entry for %s\n"
+-msgstr "%s: %s のシャドウ・エントリを更新できません\n"
++msgstr "%s: %s のシャドウエントリを更新できません\n"
+ 
+ #, c-format
+ msgid "%s: can't update entry for group %s\n"
+@@ -899,27 +970,27 @@
+ 
+ #, c-format
+ msgid "invalid shadow group file entry\n"
+-msgstr "シャドウ・グループ・ファイル・エントリが不正です\n"
++msgstr "シャドウグループファイルのエントリが正しくありません\n"
+ 
+ #, c-format
+ msgid "duplicate shadow group entry\n"
+-msgstr "グループエントリが重複しています\n"
++msgstr "シャドウグループエントリが重複しています\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "shadow group %s: no administrative user %s\n"
+-msgstr "グループ %s: ユーザ %s はいません\n"
++msgstr "シャドウグループ %s: 管理ユーザ %s は存在しません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "delete administrative member '%s'? "
+-msgstr "メンバー `%s' を削除しますか? "
++msgstr "管理ユーザ '%s' を削除しますか?"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "shadow group %s: no user %s\n"
+-msgstr "グループ %s: ユーザ %s はいません\n"
++msgstr "シャドウグループ %s: ユーザ %s は存在しません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: cannot update file %s\n"
+-msgstr "%s: ファイル %s を開けません\n"
++msgstr "%s: ファイル %s を更新できません\n"
+ 
+ #, c-format
+ msgid "%s: the files have been updated\n"
+@@ -931,27 +1002,27 @@
+ 
+ #, c-format
+ msgid "%s: can't lock shadow group file\n"
+-msgstr "%s: シャドウ・グループ・ファイルをロックできません\n"
++msgstr "%s: シャドウグループファイルをロックできません\n"
+ 
+ #, c-format
+ msgid "%s: can't open shadow group file\n"
+-msgstr "%s: シャドウ・グループ・ファイルが開けません\n"
++msgstr "%s: シャドウグループファイルを開けません\n"
+ 
+ #, c-format
+ msgid "%s: can't remove shadow group %s\n"
+-msgstr "%s: シャドウ・グループ %s を削除できません\n"
++msgstr "%s: シャドウグループ %s を削除できません\n"
+ 
+ #, c-format
+ msgid "%s: can't update shadow group file\n"
+-msgstr "%s: シャドウ・グループ・ファイルを更新できません\n"
++msgstr "%s: シャドウグループファイルを更新できません\n"
+ 
+ #, c-format
+ msgid "%s: can't update group file\n"
+-msgstr "%s: グループ・ファイルを更新できません\n"
++msgstr "%s: グループファイルを更新できません\n"
+ 
+ #, c-format
+ msgid "%s: can't delete shadow group file\n"
+-msgstr "%s: グループ・ファイルを削除できません\n"
++msgstr "%s: シャドウグループファイルを削除できません\n"
+ 
+ #, c-format
+ msgid "Usage: id [-a]\n"
+@@ -976,6 +1047,13 @@
+ "  -u, --user LOGIN\tprint lastlog record for user with specified LOGIN\n"
+ "\n"
+ msgstr ""
++"使い方: lastlog [オプション]\n"
++"\n"
++"オプション:\n"
++"  -b, --before DAYS\tDAYS 日より以前の lastlog 記録だけを表示する\n"
++"  -h, --help\t\tこのヘルプメッセージを表示して終了する\n"
++"  -t, --time DAYS\tDAYS 日前以降の lastlog 記録だけを表示する\n"
++"  -u, --user LOGIN\t指定ユーザ LOGIN の lastlog 記録を表示する\n"
+ 
+ #, c-format
+ msgid "Username         Port     From             Latest\n"
+@@ -986,15 +1064,15 @@
+ msgstr "ユーザ名                ポート   最近のログイン\n"
+ 
+ msgid "**Never logged in**"
+-msgstr "**一度もログインはありません**"
++msgstr "**一度もログインしていません**"
+ 
+ #, c-format
+ msgid "lastlog: unexpected argument: %s\n"
+-msgstr ""
++msgstr "lastlog: この引き数は不正です: %s\n"
+ 
+ #, c-format
+ msgid "Usage: %s [-p] [name]\n"
+-msgstr "使用法:  %s [-p] [ユーザ名]\n"
++msgstr "使用法: %s [-p] [ユーザ名]\n"
+ 
+ #, c-format
+ msgid "       %s [-p] [-h host] [-f name]\n"
+@@ -1012,53 +1090,51 @@
+ msgid ""
+ "\n"
+ "System closed for routine maintenance\n"
+-msgstr ""
+-"\n"
+-"システムはメンテナンスルーチンに対して閉じました\n"
++msgstr "\nシステムは定期メンテナンスのため利用できません\n"
+ 
+ #, c-format
+ msgid ""
+ "\n"
+ "[Disconnect bypassed -- root login allowed.]\n"
+ msgstr ""
++"\n"
++"[切断を迂回 -- root ログインが可能です。]\n"
+ 
+ #, c-format
+ msgid ""
+ "\n"
+ "Login timed out after %d seconds.\n"
+ msgstr ""
++"\n"
++"あと %d 秒でログインはタイムアウトします。\n"
+ 
+ #, c-format
+ msgid " on '%.100s' from '%.200s'"
+-msgstr ""
++msgstr " on `%s.100s' from `%.200s'"
+ 
+ #, c-format
+ msgid " on '%.100s'"
+-msgstr ""
++msgstr " on `%.100s'"
+ 
+ #, c-format
+ msgid "login: PAM Failure, aborting: %s\n"
+-msgstr ""
++msgstr "login: PAM が失敗しました、終了します: %s\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s login: "
+-msgstr ""
+-"\n"
+-"%s ログイン: "
++msgstr "%s login: "
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "login: "
+-msgstr ""
+-"\n"
+-"%s ログイン: "
++msgstr "login: "
+ 
+ #, c-format
+ msgid "Maximum number of tries exceeded (%d)\n"
+-msgstr ""
++msgstr "最大試行回数 (%d) を越えました\n"
+ 
+ #, c-format
+ msgid "login: abort requested by PAM\n"
+-msgstr ""
++msgstr "login: PAM から中断要請がありました\n"
+ 
+ #, c-format
+ msgid ""
+@@ -1066,17 +1142,18 @@
+ "%s login: "
+ msgstr ""
+ "\n"
+-"%s ログイン: "
++"%s login: "
+ 
+ msgid "Login incorrect"
+ msgstr "ログインが違います"
+ 
+ #, c-format
+ msgid "%s: failure forking: %s"
+-msgstr ""
++msgstr "%s: fork に失敗しました: %s"
+ 
+ msgid "Warning: login re-enabled after temporary lockout.\n"
+ msgstr ""
++"警告: 一時的にロックアウトします。しばらく経ってからやり直してください。\n"
+ 
+ #, c-format
+ msgid "Last login: %s on %s"
+@@ -1088,12 +1165,14 @@
+ 
+ #, c-format
+ msgid " from %.*s"
+-msgstr " 場所 %.*s"
++msgstr " from %.*s"
+ 
+ msgid ""
+ "login time exceeded\n"
+ "\n"
+ msgstr ""
++"ログイン時間切れ\n"
++"\n"
+ 
+ #, c-format
+ msgid "Usage: newgrp [-] [group]\n"
+@@ -1103,16 +1182,16 @@
+ msgid "Usage: sg group [[-c] command]\n"
+ msgstr "使用法: sg グループ [[-c] コマンド]\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "unknown UID: %u\n"
+-msgstr "不明なグループIDです: %lu\n"
++msgstr "不明なユーザ ID: %u\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "unknown GID: %lu\n"
+-msgstr "不明なグループIDです: %lu\n"
++msgstr "不明なグループ ID: %lu\n"
+ 
+ msgid "Sorry.\n"
+-msgstr "申し訳ございません.\n"
++msgstr "ごめんなさい。\n"
+ 
+ #, c-format
+ msgid "too many groups\n"
+@@ -1124,47 +1203,47 @@
+ 
+ #, c-format
+ msgid "%s: can't lock /etc/passwd.\n"
+-msgstr "%s: /etc/passwd をロックできません.\n"
++msgstr "%s: /etc/passwd をロックできません。\n"
+ 
+ #, c-format
+ msgid "%s: can't lock files, try again later\n"
+-msgstr "%s: ファイルをロックできません, 後でもう一度試してください\n"
++msgstr "%s: ファイルをロックできません。後でもう一度試してください\n"
+ 
+ #, c-format
+ msgid "%s: can't open files\n"
+-msgstr "%s: ファイルを開きます\n"
++msgstr "%s: ファイルを開けません\n"
+ 
+ #, c-format
+ msgid "%s: line %d: invalid line\n"
+-msgstr "%s: %d行: 不正行です\n"
++msgstr "%s: %d 行: 不正な行です\n"
+ 
+ #, c-format
+ msgid "%s: line %d: can't create GID\n"
+-msgstr "%s: %d行: グループIDが作成できません\n"
++msgstr "%s: %d 行: グループ ID を作成できません\n"
+ 
+ #, c-format
+ msgid "%s: line %d: can't create UID\n"
+-msgstr "%s: %d行: ユーザIDが作成できません\n"
++msgstr "%s: %d 行: ユーザ ID を作成できません\n"
+ 
+ #, c-format
+ msgid "%s: line %d: cannot find user %s\n"
+-msgstr "%s: %d行: ユーザ %s が見付かりません\n"
++msgstr "%s: %d 行: ユーザ %s が見付かりません\n"
+ 
+ #, c-format
+ msgid "%s: line %d: can't update password\n"
+-msgstr "%s: %d行: パスワードを更新できません\n"
++msgstr "%s: %d 行: パスワードを更新できません\n"
+ 
+ #, c-format
+ msgid "%s: line %d: mkdir failed\n"
+-msgstr "%s: %d行: mkdir に失敗しました\n"
++msgstr "%s: %d 行: mkdir に失敗しました\n"
+ 
+ #, c-format
+ msgid "%s: line %d: chown failed\n"
+-msgstr "%s: %d行: chown に失敗しました\n"
++msgstr "%s: %d 行: chown に失敗しました\n"
+ 
+ #, c-format
+ msgid "%s: line %d: can't update entry\n"
+-msgstr "%s: %d行: エントリを更新できません\n"
++msgstr "%s: %d 行: エントリを更新できません\n"
+ 
+ #, c-format
+ msgid "%s: error updating files\n"
+@@ -1194,6 +1273,27 @@
+ "\t\t\t\tchange to MAX_DAYS\n"
+ "\n"
+ msgstr ""
++"使い方: passwd [オプション] [ログイン名]\n"
++"\n"
++"オプション:\n"
++"  -a, --all\t\t\t全アカウントのパスワード状態をレポートする\n"
++"  -d, --delete\t\t\t指定アカウントのパスワードを削除する\n"
++"  -e, --expire\t\t\t指定アカウントのパスワードを期限切れにする\n"
++"  -h, --help\t\t\tこのヘルプメッセージを表示して終了する\n"
++"  -k, --keep-tokens\t\t期限切れの場合にのみパスワードを変更する\n"
++"  -i, --inactive INACTIVE\t期限切れ後のパスワード無効化日数を\n"
++"\t\t\t\tINACTIVE にする\n"
++"  -l, --lock\t\t\t指定アカウントをロックする\n"
++"  -n, --mindays MIN_DAYS\tパスワードが変更できるまでの最短日数を\n"
++"\t\t\t\tMIN_DAYS に変更する\n"
++"  -q, --quiet\t\t\t表示抑制モード\n"
++"  -r, --repository REPOSITORY\tリポジトリ REPOSITORY のパスワードを変更する\n"
++"  -S, --status\t\t\t指定アカウントのパスワードの状態を報告する\n"
++"  -u, --unlock\t\t\t指定アカウントのロックを解除する\n"
++"  -w, --warndays WARN_DAYS\t期限切れ警告の日数を WARN_DAYS にする\n"
++"  -x, --maxdays MAX_DAYS\tパスワードが変更できる期間の最長日数を\n"
++"\t\t\t\tMAX_DAYS に変更する\n"
++"\n"
+ 
+ msgid "Old password: "
+ msgstr "古いパスワード: "
+@@ -1203,13 +1303,15 @@
+ "Enter the new password (minimum of %d, maximum of %d characters)\n"
+ "Please use a combination of upper and lower case letters and numbers.\n"
+ msgstr ""
++"新しいパスワードを入れてください (最低 %d 文字、最高 %d 文字)\n"
++"大文字・小文字・数字を混ぜて使うようにしてください。\n"
+ 
+ msgid "New password: "
+ msgstr "新しいパスワード: "
+ 
+ #, c-format
+ msgid "Try again.\n"
+-msgstr "もう一度お願いします.\n"
++msgstr "もう一度お願いします。\n"
+ 
+ #, c-format
+ msgid ""
+@@ -1217,56 +1319,55 @@
+ "Warning: weak password (enter it again to use it anyway).\n"
+ msgstr ""
+ "\n"
+-"警告: 脆いパスワードです (どうしても使う場合, もう一度これを入力してくださ"
+-"い).\n"
++"警告: 弱いパスワードです (どうしてもこれを使いたければもう一度入力)。\n"
+ 
+ #, c-format
+ msgid "They don't match; try again.\n"
+-msgstr "一致しません: もう一度お願いします.\n"
++msgstr "一致しません。もう一度お願いします。\n"
+ 
+ #, c-format
+ msgid "The password for %s cannot be changed.\n"
+-msgstr "%s のパスワードは変更できません.\n"
++msgstr "%s のパスワードは変更できません。\n"
+ 
+ #, c-format
+ msgid "Sorry, the password for %s cannot be changed yet.\n"
+-msgstr "申し訳ありませんが, %s のパスワードはまだ変更することはできません.\n"
++msgstr "申し訳ありませんが、%s のパスワードはまだ変更できません。\n"
+ 
+ #, c-format
+ msgid "%s: out of memory\n"
+-msgstr "%s: メモリがたりません\n"
++msgstr "%s: メモリが足りません\n"
+ 
+ #, c-format
+ msgid "%s: repository %s not supported\n"
+ msgstr "%s: レポジトリ %s はサポートしていません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: You may not view or modify password information for %s.\n"
+-msgstr "あなたは %s のパスワードを変更することはできません.\n"
++msgstr "%s: あなたは %s のパスワード情報を閲覧ないし変更できません。\n"
+ 
+ #, c-format
+ msgid "Changing password for %s\n"
+-msgstr "%sのパスワードの変更\n"
++msgstr "%s のパスワードを変更しています\n"
+ 
+ #, c-format
+ msgid "The password for %s is unchanged.\n"
+-msgstr "%sのパスワードは変更されません.\n"
++msgstr "%s のパスワードは変更されません。\n"
+ 
+ #, c-format
+ msgid "Password changed.\n"
+-msgstr "パスワードは変更されました.\n"
++msgstr "パスワードは変更されました。\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "Password set to expire.\n"
+-msgstr "あなたのパスワードは期限が切れました."
++msgstr "パスワードは期限付きになりました。\n"
+ 
+ #, c-format
+ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+-msgstr "使用: %s [-q] [-r] [-s] [パスワード [シャドウ]]\n"
++msgstr "使用法: %s [-q] [-r] [-s] [パスワード [シャドウ]]\n"
+ 
+ #, c-format
+ msgid "invalid password file entry\n"
+-msgstr "パスワード・ファイル・エントリが不正です\n"
++msgstr "パスワードファイルのエントリが不正です\n"
+ 
+ #, c-format
+ msgid "duplicate password entry\n"
+@@ -1274,7 +1375,7 @@
+ 
+ #, c-format
+ msgid "invalid user name '%s'\n"
+-msgstr "不正なユーザ名'%s' です\n"
++msgstr "ユーザ名 '%s' は不正です\n"
+ 
+ #, c-format
+ msgid "user %s: no group %u\n"
+@@ -1288,29 +1389,29 @@
+ msgid "user %s: program %s does not exist\n"
+ msgstr "ユーザ %s: プログラム %s は存在しません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "no matching password file entry in %s\n"
+-msgstr "パスワード・ファイル・エントリと一致しません\n"
++msgstr "一致するパスワードファイルエントリが %s にありません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "add user '%s' in %s? "
+-msgstr "グループ %s: ユーザ %s はいません\n"
++msgstr "ユーザ '%s' を '%s' に追加しますか?"
+ 
+ #, c-format
+ msgid "%s: can't update passwd entry for %s\n"
+-msgstr "%s: %sのパスワードエントリを更新できません\n"
++msgstr "%s: %s のパスワードエントリを更新できません\n"
+ 
+ #, c-format
+ msgid "invalid shadow password file entry\n"
+-msgstr "不正なシャドウ・パスワード・エントリです\n"
++msgstr "不正なシャドウパスワードのエントリです\n"
+ 
+ #, c-format
+ msgid "duplicate shadow password entry\n"
+-msgstr "シャドウ・パスワード・エントリが重複しています\n"
++msgstr "シャドウパスワードエントリが重複しています\n"
+ 
+ #, c-format
+ msgid "user %s: last password change in the future\n"
+-msgstr "ユーザ %s: 最後のパスワード変更が未来にあります\n"
++msgstr "ユーザ %s: 最後のパスワード変更が未来になっています\n"
+ 
+ #, c-format
+ msgid "%s: can't lock passwd file\n"
+@@ -1322,7 +1423,7 @@
+ 
+ #, c-format
+ msgid "%s: can't remove shadow entry for %s\n"
+-msgstr "%s: %sのシャドウ・エントリを削除できません\n"
++msgstr "%s: %s のシャドウエントリを削除できません\n"
+ 
+ #, c-format
+ msgid "%s: can't update shadow file\n"
+@@ -1338,26 +1439,26 @@
+ 
+ #, c-format
+ msgid "%s: can't delete shadow password file\n"
+-msgstr "%s: シャドウ・パスワード・ファイルを削除できません\n"
++msgstr "%s: シャドウパスワードファイルを削除できません\n"
+ 
+ #, c-format
+ msgid "Access to su to that account DENIED.\n"
+-msgstr "suでこのアカウントへアクセスすることを拒否されました.\n"
++msgstr "このアカウントへの su アクセスは禁止されています。\n"
+ 
+ #, c-format
+ msgid "Password authentication bypassed.\n"
+-msgstr "バイバスによってパスワードを認証します.\n"
++msgstr "パスワード認証を迂回します。\n"
+ 
+ #, c-format
+ msgid "Please enter your OWN password as authentication.\n"
+-msgstr "認証として, あなた所有のパスワードを入力してください.\n"
++msgstr "「あなた自身のパスワード」を入力して認証してください。\n"
+ 
+ msgid "Sorry."
+-msgstr "申し訳ございません."
++msgstr "ごめんなさい。"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: %s\n"
+-msgstr "パスワード: %s\n"
++msgstr "%s: %s\n"
+ 
+ #, c-format
+ msgid ""
+@@ -1373,10 +1474,20 @@
+ "  -s, --shell SHELL\t\tuse SHELL instead of the default in passwd\n"
+ "\n"
+ msgstr ""
++"使用法: su [オプション] [ユーザ名]\n"
++"\n"
++"オプション:\n"
++"  -c, --command COMMAND\t\t起動したシェルにコマンド COMMAND を渡す\n"
++"  -h, --help\t\t\tこのヘルプを表示して終了する\n"
++"  -, -l, --login\t\tそのシェルをログインシェルにする\n"
++"  -m, -p,\n"
++"  --preserve-environment\t環境変数をリセットせず、シェルも同じものを使う\n"
++"  -s, --shell SHELL\t\tpasswd にあるデフォルト値でなくシェル SHELL を使う\n"
++"\n"
+ 
+ #, c-format
+ msgid "%s: must be run from a terminal\n"
+-msgstr "%s: 端末上から実行してください\n"
++msgstr "%s: 端末から実行してください\n"
+ 
+ #, c-format
+ msgid "%s: pam_start: error %d\n"
+@@ -1384,14 +1495,14 @@
+ 
+ #, c-format
+ msgid "Unknown id: %s\n"
+-msgstr "不明な IDです: %s\n"
++msgstr "不明な ID です: %s\n"
+ 
+ #, c-format
+ msgid "You are not authorized to su %s\n"
+-msgstr "あなたは su %s に認証できませんでした\n"
++msgstr "あなたには su %s する権限がありません\n"
+ 
+ msgid "(Enter your own password)"
+-msgstr "(あなた自身のパスワードを入力してください)"
++msgstr "(あなたのパスワードを入力してください)"
+ 
+ #, c-format
+ msgid ""
+@@ -1399,7 +1510,7 @@
+ "(Ignored)\n"
+ msgstr ""
+ "%s: %s\n"
+-"(無効)\n"
++"(無視)\n"
+ 
+ #, c-format
+ msgid "No shell\n"
+@@ -1411,44 +1522,47 @@
+ 
+ #, c-format
+ msgid "No password entry for 'root'\n"
+-msgstr "'root'のパスワードエントリがありません\n"
++msgstr "'root' のパスワードエントリがありません\n"
+ 
+ msgid ""
+ "\n"
+ "Type control-d to proceed with normal startup,\n"
+ "(or give root password for system maintenance):"
+ msgstr ""
++"\n"
++"通常の起動を継続するには Ctrl-D を押してください。\n"
++"(システムメンテナンスをするには root のパスワードを入力):"
+ 
+ msgid "Entering System Maintenance Mode\n"
+ msgstr "システムメンテナンスモードへ入ります\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: unknown GID %s\n"
+-msgstr "%s: 不明なグループID %s\n"
++msgstr "%s: グループ ID %s は不明です\n"
+ 
+ #, c-format
+ msgid "%s: unknown group %s\n"
+-msgstr "%s: 不明なグループ %s\n"
++msgstr "%s: グループ %s は不明です\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: cannot create new defaults file\n"
+-msgstr "%s: グループ・ファイルを開けません\n"
++msgstr "%s: 新しいデフォルトファイルを作れません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: cannot open new defaults file\n"
+-msgstr "%s: グループ・ファイルを開けません\n"
++msgstr "%s: 新しいデフォルトファイルを開けません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: rename: %s"
+-msgstr "%s: %sを作成できません"
++msgstr "%s: ファイル名変更: %s"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: group '%s' is a NIS group.\n"
+-msgstr "%s: %sグループは NIS のグループです\n"
++msgstr "%s: グループ '%s' は NIS グループです。\n"
+ 
+ #, c-format
+ msgid "%s: too many groups specified (max %d).\n"
+-msgstr ""
++msgstr "%s: 指定したグループ数が多すぎます (最大 %d 個)。\n"
+ 
+ #, c-format
+ msgid ""
+@@ -1480,113 +1594,142 @@
+ "  -u, --uid UID\t\t\tforce use the UID for the new user account\n"
+ "\n"
+ msgstr ""
++"使い方: useradd [オプション] ログイン名\n"
++"\n"
++"オプション:\n"
++"  -b, --base-dir BASE_DIR\t新ユーザアカウントのホームディレクトリの\n"
++"\t\t\t\tベースディレクトリを指定する\n"
++"  -c, --comment COMMENT\t\t新ユーザアカウントの GECOS フィールド\n"
++"  -d, --home-dir HOME_DIR\t新ユーザアカウントのホームディレクトリ\n"
++"  -D, --defaults\t\t変更された useradd のデフォルト設定を\n"
++"\t\t\t\t保存または表示する\n"
++"  -e, --expiredate EXPIRE_DATE\tアカウント期限切れの日を EXPIRE_DATE にする\n"
++"  -f, --inactive INACTIVE\tパスワードを期限切れ後に無効化する日数を\n"
++"\t\t\t\tINACTIVEにする\n"
++"  -g, --gid GROUP\t\t新ユーザアカウントのグループを GROUP にする\n"
++"  -G, --groups GROUPS\t\t新ユーザアカウントの補助グループの\n"
++"\t\t\t\tリストを与える\n"
++"  -h, --help\t\t\tこのヘルプを表示して終了する\n"
++"  -k, --skel SKEL_DIR\t\tskel ディレクトリを指定する\n"
++"  -K, --key KEY=VALUE\t\t/etc/login.defs のデフォルトを変更する\n"
++"  -m, --create-home\t\t新ユーザアカウントのホームディレクトリを\n"
++"\t\t\t\t作成する\n"
++"  -o, --non-unique\t\t一意でないユーザ (UID の重なるユーザ) の\n"
++"\t\t\t\t作成を許可する\n"
++"  -p, --password PASSWORD\t新ユーザアカウントの暗号化済みパスワードを\n"
++"\t\t\t\t与える\n"
++"  -s, --shell SHELL\t\t新ユーザアカウントのログインシェル\n"
++"  -u, --uid UID\t\t\t新ユーザアカウントのユーザ ID を指定する\n"
++"\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: UID %u is not unique\n"
+-msgstr "%s: ユーザID %u が重複しています\n"
++msgstr "%s: ユーザ ID %u は重複しています\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: can't get unique UID\n"
+-msgstr "%s: 一意のグループIDを取得できません\n"
++msgstr "%s: 他と重ならないユーザ ID を取得できません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: invalid base directory '%s'\n"
+-msgstr "%s: ベースディレクトリ `%s' は不正です\n"
++msgstr "%s: ベースディレクトリ '%s' は不正です\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: invalid comment '%s'\n"
+-msgstr "%s: コメント `%s' は不正です\n"
++msgstr "%s: コメント '%s' は不正です\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: invalid home directory '%s'\n"
+-msgstr "%s: ホームディレクトリ `%s' は不正です\n"
++msgstr "%s: ホームディレクトリ '%s' は不正です\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: invalid date '%s'\n"
+-msgstr "%s: 日付 `%s' は不正です\n"
++msgstr "%s: 日付 '%s' は不正です\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: shadow passwords required for -e\n"
+-msgstr "%s: シャドウ・パスワードには -e および -e が必要です\n"
++msgstr "%s: シャドウパスワードには -e が必要です\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: shadow passwords required for -f\n"
+-msgstr "%s: シャドウ・パスワードには -e および -e が必要です\n"
++msgstr "%s: シャドウパスワードには -f が必要です\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: invalid field '%s'\n"
+-msgstr "%s: シェル `%s' は不正です\n"
++msgstr "%s: フィールド '%s' は不正です\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: invalid shell '%s'\n"
+-msgstr "%s: シェル `%s' は不正です\n"
++msgstr "%s: シェル '%s' は不正です\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: invalid user name '%s'\n"
+-msgstr "不正なユーザ名'%s' です\n"
++msgstr "%s: ユーザ名 '%s' は不正です\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: cannot rewrite password file\n"
+-msgstr "%s: パスワード・ファイルを上書きできません\n"
++msgstr "%s: パスワードファイルの書換えができません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: cannot rewrite shadow password file\n"
+-msgstr "%s: シャドウ・パスワード・ファイルを削除できません\n"
++msgstr "%s: シャドウパスワードファイルの書換えができません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: unable to lock password file\n"
+-msgstr "%s: パスワードファイルをロックできません\n"
++msgstr "%s: パスワードファイルがロックできません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: unable to open password file\n"
+ msgstr "%s: パスワードファイルが開けません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: cannot lock shadow password file\n"
+-msgstr "シャドウ・パスワード・ファイルをロックできません\n"
++msgstr "%s: シャドウパスワードファイルがロックできません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: cannot open shadow password file\n"
+-msgstr "%s: シャドウ・パスワード・ファイルを開けません\n"
++msgstr "%s: シャドウパスワードファイルが開けません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: error locking group file\n"
+-msgstr "%s: グループ・ファイルをロックできません\n"
++msgstr "%s: グループファイルのロックでエラーが起きました\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: error opening group file\n"
+-msgstr "%s: グループ・ファイルを開けません\n"
++msgstr "%s: グループファイルを開く際にエラーが起きました\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: error locking shadow group file\n"
+-msgstr "%s: シャドウ・グループ・ファイルをロックできません\n"
++msgstr "%s: シャドウグループファイルのロックでエラーが起きました\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: error opening shadow group file\n"
+-msgstr "%s: シャドウ・グループ・ファイルが開けません\n"
++msgstr "%s: シャドウグループファイルを開く際にエラーが起きました\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: error adding new password entry\n"
+-msgstr "%s: パスワードDBMエントリ追加のエラーです\n"
++msgstr "%s: 新しいパスワードエントリの追加の際にエラーが起きました\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: error adding new shadow password entry\n"
+-msgstr "%s: シャドウ・パスワード・エントリ削除のエラーです\n"
++msgstr "%s: 新しいシャドウパスワードエントリ追加の際にエラーが起きました\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: cannot create directory %s\n"
+-msgstr "%s: ディレクトリ%sを %sへ名前変更できません\n"
++msgstr "%s: ディレクトリ %s を作成できません\n"
+ 
+ msgid "Creating mailbox file"
+-msgstr ""
++msgstr "メールボックスファイルを作成します"
+ 
+ #, c-format
+ msgid ""
+ "Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+ msgstr ""
++"グループ 'mail' が見付かりません。ユーザのメールボックスファイルを\n"
++"モード 0600 で作成します\n"
+ 
+ msgid "Setting mailbox file permissions"
+-msgstr ""
++msgstr "メールボックスファイルの許可属性を設定します"
+ 
+ #, c-format
+ msgid "%s: user %s exists\n"
+@@ -1596,18 +1739,20 @@
+ msgid ""
+ "%s: group %s exists - if you want to add this user to that group, use -g.\n"
+ msgstr ""
+-"%s: グループ %s は存在します − もしこのユーザをそのグループへ追加するには, -"
+-"g を利用してください.\n"
++"%s: グループ %s は存在します。このユーザをそのグループへ追加するには -g を用"
++"いてください。\n"
+ 
+ #, c-format
+ msgid ""
+ "%s: warning: the home directory already exists.\n"
+ "Not copying any file from skel directory into it.\n"
+ msgstr ""
++"%s: 警告: ホームディレクトリが既に存在します。\n"
++"skel ディレクトリからのコピーは行いません。\n"
+ 
+ #, c-format
+ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+-msgstr ""
++msgstr "%s: 警告: CREATE_HOME はサポートされていません。-m を用いてください。\n"
+ 
+ #, c-format
+ msgid ""
+@@ -1619,30 +1764,38 @@
+ "  -r, --remove\t\t\tremove home directory and mail spool\n"
+ "\n"
+ msgstr ""
++"使い方: userdel [オプション] ログイン名\n"
++"\n"
++"オプション:\n"
++"  -f, --force\t\t\t当該ユーザの所有でないファイルも削除する\n"
++"  -h, --help\t\t\tこのヘルプを表示して終了する\n"
++"  -r, --remove\t\t\tホームディレクトリとメールスプールを削除する\n"
++"\n"
+ 
+ #, c-format
+ msgid "%s: error updating group entry\n"
+-msgstr "%s: グループ・エントリの更新のエラーです\n"
++msgstr "%s: グループエントリ更新の際にエラーが起きました\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: Cannot remove group %s which is a primary group for another user.\n"
+-msgstr "%s: DBMグループ・エントリを更新できません\n"
++msgstr ""
++"%s: グループ %s は他のユーザのプライマリグループなので削除できません。\n"
+ 
+ #, c-format
+ msgid "%s: cannot open group file\n"
+-msgstr "%s: グループ・ファイルを開けません\n"
++msgstr "%s: グループファイルを開けません\n"
+ 
+ #, c-format
+ msgid "%s: cannot open shadow group file\n"
+-msgstr "%s: シャドウ・グループ・ファイルが開けません\n"
++msgstr "%s: シャドウグループファイルを開けません\n"
+ 
+ #, c-format
+ msgid "%s: error deleting password entry\n"
+-msgstr "%s: パスワード・エントリ削除のエラーです\n"
++msgstr "%s: パスワードエントリの削除でエラーが起きました\n"
+ 
+ #, c-format
+ msgid "%s: error deleting shadow password entry\n"
+-msgstr "%s: シャドウ・パスワード・エントリ削除のエラーです\n"
++msgstr "%s: シャドウパスワードエントリの削除でエラーが起きました\n"
+ 
+ #, c-format
+ msgid "%s: user %s is currently logged in\n"
+@@ -1650,11 +1803,11 @@
+ 
+ #, c-format
+ msgid "%s: %s not owned by %s, not removing\n"
+-msgstr "%s: %sは %sの所有ではありません, 削除は行いません\n"
++msgstr "%s: %s は %s の所有ではありません。削除は行いません\n"
+ 
+-#, fuzzy, c-format
++#, c-format
+ msgid "%s: warning: can't remove "
+-msgstr "%s: 警告: %s は%sの所有ではありません\n"
++msgstr "%s: 警告: 削除できません"
+ 
+ #, c-format
+ msgid "%s: user %s does not exist\n"
+@@ -1666,11 +1819,12 @@
+ 
+ #, c-format
+ msgid "%s: not removing directory %s (would remove home of user %s)\n"
+-msgstr "%s: ディレクトリ%s の削除は行いません (would remove home of user %s)\n"
++msgstr ""
++"%s: ディレクトリ %s の削除は行いません (ユーザ %s のホームディレクトリです)\n"
+ 
+ #, c-format
+ msgid "%s: error removing directory %s\n"
+-msgstr "%s: ディレクトリ %s の削除のエラーです\n"
++msgstr "%s: ディレクトリ %s の削除でエラーが起きました\n"
+ 
+ #, c-format
+ msgid ""
+@@ -1698,6 +1852,31 @@
+ "  -U, --unlock\t\t\tunlock the user account\n"
+ "\n"
+ msgstr ""
++"使い方: usermod [オプション] ログイン名\n"
++"\n"
++"オプション:\n"
++"  -a, --append\t\t\tユーザを補助グループ GROUPS に追加する\n"
++"\t\t\t\t(-G が指定された場合のみ)\n"
++"  -c, --comment COMMENT\t\tGECOS フィールドの値を再設定する\n"
++"  -d, --home HOME_DIR\t\tユーザアカウントのホームディレクトリを\n"
++"\t\t\t\t再設定する\n"
++"  -e, --expiredate EXPIRE_DATE\tアカウント期限切れの日を EXPIRE_DATE にする\n"
++"  -f, --inactive INACTIVE\tパスワードを期限切れ後に無効化する日数を\n"
++"\t\t\t\tINACTIVEにする\n"
++"  -g, --gid GROUP\t\t主グループを GROUP に変更する\n"
++"  -G, --groups GROUPS\t\t新たな補助グループのリストを与える\n"
++"  -h, --help\t\t\tこのヘルプを表示して終了する\n"
++"  -l, --login NEW_LOGIN\t\tログイン名を変更する\n"
++"  -L, --lock\t\t\tこのユーザアカウントをロックする\n"
++"  -m, --move-home\t\t現ホームディレクトリの内容を新たな場所に\n"
++"\t\t\t\t移動する (-d が指定された場合のみ)\n"
++"  -o, --non-unique\t\t一意でないユーザ (UID の重なるユーザ) を\n"
++"\t\t\t\t許可する\n"
++"  -p, --password PASSWORD\t新たな暗号化済みパスワードを与える\n"
++"  -s, --shell SHELL\t\tこのユーザのログインシェルを変更する\n"
++"  -u, --uid UID\t\t\tこのユーザの UID を変更する\n"
++"  -U, --unlock\t\t\tこのユーザアカウントのロックを解除する\n"
++"\n"
+ 
+ #, c-format
+ msgid "%s: out of memory in update_group\n"
+@@ -1705,7 +1884,7 @@
+ 
+ #, c-format
+ msgid "%s: out of memory in update_gshadow\n"
+-msgstr "%s: update_shdow 中にメモリが不足しました\n"
++msgstr "%s: update_gshadow 中にメモリが不足しました\n"
+ 
+ #, c-format
+ msgid "%s: no flags given\n"
+@@ -1713,57 +1892,57 @@
+ 
+ #, c-format
+ msgid "%s: shadow passwords required for -e and -f\n"
+-msgstr "%s: シャドウ・パスワードには -e および -e が必要です\n"
++msgstr "%s: -e および -f にはシャドウパスワードが必要です\n"
+ 
+ #, c-format
+ msgid "%s: -a flag is ONLY allowed with the -G flag\n"
+-msgstr ""
++msgstr "%s: -a フラグは -G フラグと共に指定する必要があります\n"
+ 
+ #, c-format
+ msgid "%s: uid %lu is not unique\n"
+-msgstr "%s: ユーザID %lu が重複しています\n"
++msgstr "%s: ユーザ ID %lu が重複しています\n"
+ 
+ #, c-format
+ msgid "%s: error changing password entry\n"
+-msgstr "%s: パスワード・エントリ変更のエラーです\n"
++msgstr "%s: パスワードエントリの変更でエラーが起きました\n"
+ 
+ #, c-format
+ msgid "%s: error removing password entry\n"
+-msgstr "%s: パスワード・エントリ削除のエラーです\n"
++msgstr "%s: パスワードエントリの削除でエラーが起きました\n"
+ 
+ #, c-format
+ msgid "%s: error removing shadow password entry\n"
+-msgstr "%s: シャドウ・パスワード・エントリ削除のエラーです\n"
++msgstr "%s: シャドウパスワードエントリの削除でエラーが起きました\n"
+ 
+ #, c-format
+ msgid "%s: directory %s exists\n"
+-msgstr "%s: ディレクトリ %sは存在します\n"
++msgstr "%s: ディレクトリ %s は存在します\n"
+ 
+ #, c-format
+ msgid "%s: can't create %s\n"
+-msgstr "%s: %sを 作成できません\n"
++msgstr "%s: %s を作成できません\n"
+ 
+ #, c-format
+ msgid "%s: can't chown %s\n"
+-msgstr "%s: %sをchownできません\n"
++msgstr "%s: %s を chown できません\n"
+ 
+ #, c-format
+ msgid "%s: warning: failed to completely remove old home directory %s"
+-msgstr ""
++msgstr "%s: 警告: 古いホームディレクトリ %s を完全削除できませんでした"
+ 
+ #, c-format
+ msgid "%s: cannot rename directory %s to %s\n"
+-msgstr "%s: ディレクトリ%sを %sへ名前変更できません\n"
++msgstr "%s: ディレクトリ %s の名前を %s に変更できません\n"
+ 
+ #, c-format
+ msgid "%s: warning: %s not owned by %s\n"
+-msgstr "%s: 警告: %s は%sの所有ではありません\n"
++msgstr "%s: 警告: %s は %s の所有ではありません\n"
+ 
+ msgid "failed to change mailbox owner"
+-msgstr "mailboxの所有者の変更に失敗しました"
++msgstr "mailbox 所有者の変更に失敗しました"
+ 
+ msgid "failed to rename mailbox"
+-msgstr "mailboxの名前変更に失敗しました"
++msgstr "mailbox の名前変更に失敗しました"
+ 
+ #, c-format
+ msgid ""
+@@ -1777,6 +1956,15 @@
+ "  -s, --shadow\t\t\tedit shadow or gshadow database\n"
+ "\n"
+ msgstr ""
++"使い方: vipw [オプション]\n"
++"\n"
++"オプション:\n"
++"  -g, --group\t\t\tgroup データベースを編集する\n"
++"  -h, --help\t\t\tこのヘルプを表示して終了する\n"
++"  -p, --passwd\t\t\tpasswd データベースを編集する\n"
++"  -q, --quiet\t\t\t表示抑制モード\n"
++"  -s, --shadow\t\t\tshadow ないし gshadow データベースを編集する\n"
++"\n"
+ 
+ #, c-format
+ msgid ""
+@@ -1784,7 +1972,7 @@
+ "%s: %s is unchanged\n"
+ msgstr ""
+ "\n"
+-"%s: %s の変更は行われません\n"
++"%s: %s は変更されません\n"
+ 
+ msgid "Couldn't lock file"
+ msgstr "ファイルをロックできません"
+@@ -1794,4 +1982,4 @@
+ 
+ #, c-format
+ msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+-msgstr "%s: %sを復旧できませんでした: %s (あなたの変更は%sにあります)\n"
++msgstr "%s: %s を復旧できませんでした: %s (あなたの変更は %s にあります)\n"
--- shadow-4.0.18.1.orig/debian/patches/483_su_fakelogin_wrong_arg0
+++ shadow-4.0.18.1/debian/patches/483_su_fakelogin_wrong_arg0
@@ -0,0 +1,17 @@
+Goal: shell's name must be -su when a su fakes a login
+
+Status wrt upstream: not reported yet
+
+Index: shadow-4.0.18.1/src/su.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/su.c	2006-09-17 12:18:08.884123984 +0200
++++ shadow-4.0.18.1/src/su.c	2006-09-17 12:18:09.492128818 +0200
+@@ -916,7 +916,7 @@
+ 		 * Use the shell and create an argv
+ 		 * with the rest of the command line included.
+ 		 */
+-		argv[-1] = shellstr;
++		argv[-1] = cp;
+ #ifndef USE_PAM
+ 		(void) execve (shellstr, &argv[-1], environ);
+ 		err = errno;
--- shadow-4.0.18.1.orig/debian/patches/480_getopt_args_reorder
+++ shadow-4.0.18.1/debian/patches/480_getopt_args_reorder
@@ -0,0 +1,54 @@
+Goal: Allow SU options to be passed after - or the username
+
+Fixes: #331438 or #346445 in popularity-contest
+
+Note: The man page is clear about su usage:
+su [options] [-] [username [args]]
+but too many package are using this feature
+
+GNU su should also allow that.
+
+The only drawback I can see is (for upstream) that "su -x" (whish should
+start a shell in debug mode) won't work (su -- -x) will have to be used
+instead.
+This was a problem when -c was not an su option, but it is no more the
+case (a -- would have to be added for all the su -c "command"
+invocations).
+
+Index: shadow-4.0.18.1/src/su.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/su.c	2006-09-17 12:18:07.616113902 +0200
++++ shadow-4.0.18.1/src/su.c	2006-09-17 12:18:08.884123984 +0200
+@@ -374,19 +374,9 @@
+ 		};
+ 
+ 		while ((c =
+-			getopt_long (argc, argv, "-c:hlmps:", long_options,
++			getopt_long (argc, argv, "c:hlmps:", long_options,
+ 				     &option_index)) != -1) {
+ 			switch (c) {
+-			case 1:
+-				/* this is not an su option */
+-				/* The next arguments are either '-', the
+-				 * target name, or arguments to be passed
+-				 * to the shell.
+-				 */
+-				/* rewind the (not yet handled) option */
+-				optind--;
+-				goto end_su_options;
+-				break;	/* NOT REACHED */
+ 			case 'c':
+ 				command = optarg;
+ 				break;
+@@ -408,10 +398,9 @@
+ 				shellstr = optarg;
+ 				break;
+ 			default:
+-				usage ();	/* NOT REACHED */
++				usage ();
+ 			}
+ 		}
+-	      end_su_options:
+ 		if (optind < argc && !strcmp (argv[optind], "-")) {
+ 			fakelogin = 1;
+ 			optind++;
--- shadow-4.0.18.1.orig/debian/patches/454_userdel_no_MAIL_FILE
+++ shadow-4.0.18.1/debian/patches/454_userdel_no_MAIL_FILE
@@ -0,0 +1,21 @@
+Goal: do not use MAIL_FILE in userdel:
+      When MAIL_FILE is used, the mail spool is in the home directory, so
+      it do not need to be removed (in addition to the user's home
+      directory)
+
+Note: usermod should be checked also. Maybe MAIL_FILE can be removed from
+      login.defs
+
+Index: shadow-4.0.18.1/src/userdel.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/userdel.c	2006-09-17 12:17:58.256039482 +0200
++++ shadow-4.0.18.1/src/userdel.c	2006-09-17 12:18:02.408072494 +0200
+@@ -550,7 +550,7 @@
+ 
+ 	maildir = getdef_str ("MAIL_DIR");
+ #ifdef MAIL_SPOOL_DIR
+-	if (!maildir && !getdef_str ("MAIL_FILE"))
++	if (!maildir)
+ 		maildir = MAIL_SPOOL_DIR;
+ #endif
+ 	if (!maildir)
--- shadow-4.0.18.1.orig/debian/patches/507_32char_grnames.dpatch
+++ shadow-4.0.18.1/debian/patches/507_32char_grnames.dpatch
@@ -0,0 +1,51 @@
+#! /bin/sh -e
+## 407_32char_grnames_240456.dpatch by xrgtn
+##
+## All lines beginning with `## DP:' are a description of the patch.
+##
+## DP: The patch allows 32 character long group names instead of only 16
+## DP: characters.
+## DP: 
+## DP: Comments from Karl Ramm (shadow 1:4.0.3-23, 28 Mar 2004 19:46:34 -0500):
+## DP: 
+## DP: increase maximum group name size to 32 for no particularly good reason
+## DP: closes: #240456
+
+if [ $# -lt 1 ]; then
+    echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+    exit 1
+fi
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
+
+case "$1" in
+    -patch) patch -p1 ${patch_opts} < $0;;
+    -unpatch) patch -R -p1 ${patch_opts} < $0;;
+    *)
+        echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+        exit 1;;
+esac
+
+exit 0
+
+@DPATCH@
+
+Index: shadow-4.0.18.1/libmisc/chkname.c
+===================================================================
+--- shadow-4.0.18.1.orig/libmisc/chkname.c	2006-09-17 12:17:59.836052044 +0200
++++ shadow-4.0.18.1/libmisc/chkname.c	2006-09-17 12:18:00.496057292 +0200
+@@ -66,10 +66,10 @@
+ int check_group_name (const char *name)
+ {
+ 	/*
+-	 * Arbitrary limit for group names - max 16
+-	 * characters (same as on HP-UX 10).
++	 * Arbitrary limit for group names - max 32
++	 * same as linux UT_NAMESIZE
+ 	 */
+-	if (strlen (name) > 16)
++	if (strlen (name) > 32)
+ 		return 0;
+ 
+ 	return good_name (name);
--- shadow-4.0.18.1.orig/debian/patches/496_login_init_session
+++ shadow-4.0.18.1/debian/patches/496_login_init_session
@@ -0,0 +1,60 @@
+Goal: Make login initialize a session to allow ^C and ^Z to work when
+      booting with init=/bin/login
+      Only do this if we are init (getppid() == 1) (see #380522)
+
+Fix: #374547
+
+Author: Samuel Thibault <samuel.thibault@ens-lyon.org>
+
+Status wrt upstream: reported, not applied yet
+
+Index: shadow-4.0.18.1/src/login.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/login.c	2006-09-17 12:18:04.272087315 +0200
++++ shadow-4.0.18.1/src/login.c	2006-09-17 12:18:14.632169686 +0200
+@@ -41,6 +41,7 @@
+ #include <signal.h>
+ #include <stdio.h>
+ #include <sys/stat.h>
++#include <sys/ioctl.h>
+ #include "defines.h"
+ #include "faillog.h"
+ #include "failure.h"
+@@ -1046,6 +1047,12 @@
+ 	}
+ 	/* child */
+ #endif
++	/* If we were init, we need to start the session */
++	if (getppid() == 1) {
++		setsid();
++		if (ioctl(0, TIOCSCTTY, 1))
++			fprintf(stderr,_("TIOCSCTTY failed on %s"),tty);
++	}
+ 
+ 	/* We call set_groups() above because this clobbers pam_groups.so */
+ #ifndef USE_PAM
+Index: shadow-4.0.18.1/src/sulogin.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/sulogin.c	2006-05-13 01:13:10.000000000 +0200
++++ shadow-4.0.18.1/src/sulogin.c	2006-09-17 12:18:14.632169686 +0200
+@@ -35,6 +35,7 @@
+ #include <pwd.h>
+ #include <signal.h>
+ #include <stdio.h>
++#include <sys/ioctl.h>
+ #include "defines.h"
+ #include "getdef.h"
+ #include "prototypes.h"
+@@ -142,6 +143,12 @@
+ #endif
+ 		exit (1);	/* must be a terminal */
+ 	}
++	/* If we were init, we need to start the session */
++	if (getppid() == 1) {
++		setsid();
++		if (ioctl(0, TIOCSCTTY, 1))
++			fprintf(stderr,_("TIOCSCTTY failed"));
++	}
+ 	while (*envp)		/* add inherited environment, */
+ 		addenv (*envp++, NULL);	/* some variables change later */
+ 
--- shadow-4.0.18.1.orig/debian/patches/503_shadowconfig.8
+++ shadow-4.0.18.1/debian/patches/503_shadowconfig.8
@@ -0,0 +1,201 @@
+Goal: Document the shadowconfig utility
+
+Status wrt upstream: The shadowconfig utility is debian specific.
+                     It's man page also (but it used to be distributed)
+
+Index: shadow-4.0.18.1/man/shadowconfig.8
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ shadow-4.0.18.1/man/shadowconfig.8	2006-09-17 12:17:46.003942066 +0200
+@@ -0,0 +1,41 @@
++.\"Generated by db2man.xsl. Don't modify this, modify the source.
++.de Sh \" Subsection
++.br
++.if t .Sp
++.ne 5
++.PP
++\fB\\$1\fR
++.PP
++..
++.de Sp \" Vertical space (when we can't use .PP)
++.if t .sp .5v
++.if n .sp
++..
++.de Ip \" List item
++.br
++.ie \\n(.$>=3 .ne \\$3
++.el .ne 3
++.IP "\\$1" \\$2
++..
++.TH "SHADOWCONFIG" 8 "19 Apr 1997" "" ""
++.SH NAME
++shadowconfig \- toggle shadow passwords on and off
++.SH "SYNOPSIS"
++.ad l
++.hy 0
++.HP 13
++\fBshadowconfig\fR \fB\fIon\fR\fR | \fB\fIoff\fR\fR
++.ad
++.hy
++
++.SH "DESCRIPTION"
++
++.PP
++\fBshadowconfig\fR on will turn shadow passwords on; \fIshadowconfig off\fR will turn shadow passwords off\&. \fBshadowconfig\fR will print an error message and exit with a nonzero code if it finds anything awry\&. If that happens, you should correct the error and run it again\&. Turning shadow passwords on when they are already on, or off when they are already off, is harmless\&.
++
++.PP
++Read \fI/usr/share/doc/passwd/README\&.Debian\fR for a brief introduction to shadow passwords and related features\&.
++
++.PP
++Note that turning shadow passwords off and on again will lose all password aging information\&.
++
+Index: shadow-4.0.18.1/man/shadowconfig.8.xml
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ shadow-4.0.18.1/man/shadowconfig.8.xml	2006-09-17 12:17:46.007942098 +0200
+@@ -0,0 +1,52 @@
++<?xml version="1.0" encoding="UTF-8"?>
++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
++		"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
++<refentry id='shadowconfig.8'>
++  <!-- $Id: shadowconfig.8.xml,v 1.6 2005/06/15 12:39:27 kloczek Exp $ -->
++  <refentryinfo>
++    <date>19 Apr 1997</date>
++  </refentryinfo>
++  <refmeta>
++    <refentrytitle>shadowconfig</refentrytitle>
++    <manvolnum>8</manvolnum>
++    <refmiscinfo class='date'>19 Apr 1997</refmiscinfo>
++    <refmiscinfo class='source'>Debian GNU/Linux</refmiscinfo>
++  </refmeta>
++  <refnamediv id='name'>
++    <refname>shadowconfig</refname>
++    <refpurpose>toggle shadow passwords on and off</refpurpose>
++  </refnamediv>
++
++  <refsynopsisdiv id='synopsis'>
++    <cmdsynopsis>
++      <command>shadowconfig</command>
++      <group choice='plain'>
++        <arg choice='plain'><replaceable>on</replaceable></arg>
++        <arg choice='plain'><replaceable>off</replaceable></arg>
++      </group>
++    </cmdsynopsis>
++  </refsynopsisdiv>
++
++  <refsect1 id='description'>
++    <title>DESCRIPTION</title>
++    <para><command>shadowconfig</command> on will turn shadow passwords on;
++      <emphasis remap='B'>shadowconfig off</emphasis> will turn shadow
++      passwords off. <command>shadowconfig</command> will print an error
++      message and exit with a nonzero code if it finds anything awry. If
++      that happens, you should correct the error and run it again. Turning
++      shadow passwords on when they are already on, or off when they are
++      already off, is harmless.
++    </para>
++
++    <para>
++      Read <filename>/usr/share/doc/passwd/README.Debian</filename> for a
++      brief introduction
++      to shadow passwords and related features.
++    </para>
++
++    <para>Note that turning shadow passwords off and on again will lose all
++      password
++      aging information.
++    </para>
++  </refsect1>
++</refentry>
+Index: shadow-4.0.18.1/man/fr/shadowconfig.8
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ shadow-4.0.18.1/man/fr/shadowconfig.8	2006-09-17 12:17:46.079942670 +0200
+@@ -0,0 +1,26 @@
++.\" This file was generated with po4a. Translate the source file.
++.\"
++.\"$Id: shadowconfig.8,v 1.4 2001/08/23 23:10:48 kloczek Exp $
++.TH SHADOWCONFIG 8 "19 avril 1997" "Debian GNU/Linux"
++.SH NOM
++shadowconfig \- active ou désactive les mots de passe cachés
++.SH SYNOPSIS
++\fBshadowconfig\fP \fIon\fP | \fIoff\fP
++.SH DESCRIPTION
++.PP
++\fBshadowconfig on\fP active les mots de passe cachés («\ shadow passwords\ »)\ ; \fBshadowconfig off\fP les désactive. \fBShadowconfig\fP affiche un message
++d'erreur et quitte avec une valeur de retour non nulle s'il rencontre
++quelque chose d'inattendu. Dans ce cas, vous devrez corriger l'erreur avant
++de recommencer.
++
++Activer les mots de passe cachés lorsqu'ils sont déjà activés, ou les
++désactiver lorsqu'ils ne sont pas actifs est sans effet.
++
++Lisez \fI/usr/share/doc/passwd/README.Debian\fP pour une brève introduction aux
++mots de passe cachés et à leurs fonctionnalités.
++
++Notez que désactiver puis réactiver les mots de passe cachés aura pour
++conséquence la perte des informations d'âge sur les mots de passe.
++.SH TRADUCTION
++Nicolas FRANÇOIS, 2004.
++Veuillez signaler toute erreur à <\fIdebian\-l10\-french@lists.debian.org\fR>.
+Index: shadow-4.0.18.1/man/ja/shadowconfig.8
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ shadow-4.0.18.1/man/ja/shadowconfig.8	2006-09-17 12:17:46.079942670 +0200
+@@ -0,0 +1,25 @@
++.\"     all right reserved,
++.\" Translated Tue Oct 30 11:59:11 JST 2001
++.\" by Maki KURODA <mkuroda@aisys-jp.com>
++.\"
++.TH SHADOWCONFIG 8 "19 Apr 1997" "Debian GNU/Linux"
++.SH 名前
++shadowconfig \- shadow パスワードの設定をオン及びオフに切替える
++.SH 書式
++.B "shadowconfig"
++.IR on " | " off
++.SH 説明
++.PP
++.B shadowconfig on
++は shadow パスワードを有効にする。
++.B shadowconfig off
++は shadow パスワードを無効にする。
++.B shadowconfig
++は何らかの間違いがあると、エラーメッセージを表示し、
++ゼロではない返り値を返す。
++もしそのようなことが起こった場合、エラーを修正し、再度実行しなければならない。
++shadow パスワードの設定がすでにオンの場合にオンに設定したり、
++すでにオフの場合にオフに設定しても、何の影響もない。
++
++.I /usr/share/doc/passwd/README.debian.gz
++には shadow パスワードとそれに関する特徴の簡単な紹介が書かれている。
+Index: shadow-4.0.18.1/man/pl/shadowconfig.8
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ shadow-4.0.18.1/man/pl/shadowconfig.8	2006-09-17 12:17:46.083942702 +0200
+@@ -0,0 +1,27 @@
++.\" $Id: shadowconfig.8,v 1.3 2001/08/23 23:10:51 kloczek Exp $
++.\" {PTM/WK/1999-09-14}
++.TH SHADOWCONFIG 8 "19 kwietnia 1997" "Debian GNU/Linux"
++.SH NAZWA
++shadowconfig - przełącza ochronę haseł i grup przez pliki shadow
++.SH SKŁADNIA
++.B "shadowconfig"
++.IR on " | " off
++.SH OPIS
++.PP
++.B shadowconfig on
++włącza ochronę haseł i grup przez dodatkowe, przesłaniane pliki (shadow);
++.B shadowconfig off
++wyłącza dodatkowe pliki haseł i grup.
++.B shadowconfig
++wyświetla komunikat o błędzie i kończy pracę z niezerowym kodem jeśli
++znajdzie coś nieprawidłowego. W takim wypadku powinieneś poprawić błąd
++.\" if it finds anything awry.
++i uruchomić program ponownie.
++
++Włączenie ochrony haseł, gdy jest ona już włączona lub jej wyłączenie,
++gdy jest wyłączona jest nieszkodliwe.
++
++Przeczytaj
++.IR /usr/share/doc/passwd/README.debian.gz ,
++gdzie znajdziesz krótkie wprowadzenie do ochrony haseł z użyciem dodatkowych
++plików haseł przesłanianych (shadow passwords) i związanych tematów.
--- shadow-4.0.18.1.orig/debian/patches/102_de-fix-sorry
+++ shadow-4.0.18.1/debian/patches/102_de-fix-sorry
@@ -0,0 +1,29 @@
+Goal: Fix the traslation of Sorry in German
+
+Fixes: #383045
+
+Status wrt upstream: Forwarded. Waiting for apply to remove from trunk
+                     Not to be removed in etch
+
+Index: shadow-4.0.18.1/po/de.po
+===================================================================
+--- shadow-4.0.18.1.orig/po/de.po	2006-07-26 22:31:43.000000000 +0200
++++ shadow-4.0.18.1/po/de.po	2006-09-17 12:18:19.448207978 +0200
+@@ -1204,7 +1204,7 @@
+ msgstr "Unbekannte GID: %lu\n"
+ 
+ msgid "Sorry.\n"
+-msgstr "Entschuldigung.\n"
++msgstr " \n"
+ 
+ #, c-format
+ msgid "too many groups\n"
+@@ -1471,7 +1471,7 @@
+ msgstr "Bitte geben Sie Ihr EIGENES Kennwort als Authentifizierung ein.\n"
+ 
+ msgid "Sorry."
+-msgstr "Entschuldigung."
++msgstr " "
+ 
+ #, c-format
+ msgid "%s: %s\n"
--- shadow-4.0.18.1.orig/debian/patches/499_gettext-0.15
+++ shadow-4.0.18.1/debian/patches/499_gettext-0.15
@@ -0,0 +1,20 @@
+Goal: MKINSTALLDIRS is not defined otherwise.
+
+Fixes: #384631
+
+Note: this is a minimal patch. Maybe it would be better to update the file
+to the new one distributed with gettext.
+
+Index: shadow-4.0.18.1/po/Makefile.in.in
+===================================================================
+--- shadow-4.0.18.1.orig/po/Makefile.in.in	2006-06-12 02:35:49.000000000 +0200
++++ shadow-4.0.18.1/po/Makefile.in.in	2006-09-17 12:18:17.300190899 +0200
+@@ -26,7 +26,7 @@
+ 
+ INSTALL = @INSTALL@
+ INSTALL_DATA = @INSTALL_DATA@
+-MKINSTALLDIRS = @MKINSTALLDIRS@
++MKINSTALLDIRS = @install_sh@ -d
+ mkinstalldirs = $(SHELL) $(MKINSTALLDIRS)
+ 
+ GMSGFMT = @GMSGFMT@
--- shadow-4.0.18.1.orig/debian/patches/428_grpck_add_prune_option
+++ shadow-4.0.18.1/debian/patches/428_grpck_add_prune_option
@@ -0,0 +1,53 @@
+Goal: grpck now has an (otherwise undocumented) -p option, so that
+      shadowconfig can clean up the results of the above, so the config
+      script will fail randomly less often.
+Fixes: #103385
+
+Status wrt upstream: It could certainly be submitted to upstream.
+
+Index: shadow-4.0.18.1/src/grpck.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/grpck.c	2006-05-07 19:44:39.000000000 +0200
++++ shadow-4.0.18.1/src/grpck.c	2006-09-17 12:17:53.712003353 +0200
+@@ -139,6 +139,7 @@
+ 	int errors = 0;
+ 	int changed = 0;
+ 	int i;
++	int prune = 0;
+ 	struct commonio_entry *gre, *tgre;
+ 	struct group *grp;
+ 	int sort_mode = 0;
+@@ -163,7 +164,7 @@
+ 	/*
+ 	 * Parse the command line arguments
+ 	 */
+-	while ((arg = getopt (argc, argv, "qrs")) != EOF) {
++	while ((arg = getopt (argc, argv, "qprs")) != EOF) {
+ 		switch (arg) {
+ 		case 'q':
+ 			/* quiet - ignored for now */
+@@ -174,6 +175,9 @@
+ 		case 's':
+ 			sort_mode = 1;
+ 			break;
++		case 'p':
++			prune = 1;
++			break;
+ 		default:
+ 			usage ();
+ 		}
+@@ -296,8 +300,13 @@
+ 			/*
+ 			 * prompt the user to delete the entry or not
+ 			 */
+-			if (!yes_or_no ())
++			if (!prune) {
++			        if (!yes_or_no ())
++				        continue;
++			} else {
++			        puts (_("Yes"));
+ 				continue;
++			}
+ 
+ 			/*
+ 			 * All group file deletions wind up here. This code
--- shadow-4.0.18.1.orig/debian/patches/408_passwd_check_arguments
+++ shadow-4.0.18.1/debian/patches/408_passwd_check_arguments
@@ -0,0 +1,24 @@
+Goal: Check the passwd arguments and fail with the usage message if there
+      are more than one non option arguments (i.e. usernames).
+
+Fixes: #410268
+
+Status wrt upstream: not reported yet.
+
+Index: shadow-4.0.18.1/src/passwd.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/passwd.c	2007-04-15 17:49:31.000000000 +0200
++++ shadow-4.0.18.1/src/passwd.c	2007-04-15 17:52:38.000000000 +0200
+@@ -740,6 +740,12 @@
+ 		name = myname;
+ 
+ 	/*
++	 * Make sure that at most one username was specified.
++	 */
++	if (argc > optind+1)
++		usage (E_USAGE);
++
++	/*
+ 	 * The -a flag requires -S, no other flags, no username, and
+ 	 * you must be root.  --marekm
+ 	 */
--- shadow-4.0.18.1.orig/debian/cppw.8
+++ shadow-4.0.18.1/debian/cppw.8
@@ -0,0 +1,27 @@
+.TH CPPW 8 "7 Apr 2005"
+.SH NAME
+cppw, cpgr \- copy with locking the given file to the password or group file
+.SH SYNOPSIS
+\fBcppw\fR [\fB\-h\fR] [\fB\-s\fR] password_file
+.br
+\fBcpgr\fR [\fB\-h\fR] [\fB\-s\fR] group_file
+
+.SH DESCRIPTION
+.BR cppw " and " cpgr
+will copy, with locking, the given file to
+.IR /etc/passwd " and " /etc/group ", respectively."
+With the \fB\-s\fR flag, they will edit the shadow versions of those files,
+.IR /etc/shadow " and " /etc/gshadow ", respectively."
+
+With the \fB\-h\fR flag, the commands display a short help message and exit
+silently.
+.SH "SEE ALSO"
+.BR vipw (8),
+.BR vigr (8),
+.BR group (5),
+.BR passwd (5),
+.BR shadow (5),
+.BR gshadow (5)
+.SH AUTHOR
+\fBcppw\fR and \fBcpgr\fR were written by Stephen Frost, based on
+\fBvipw\fR and \fBvigr\fR written by Guy Maor.
--- shadow-4.0.18.1.orig/debian/passwd.userdel.pam
+++ shadow-4.0.18.1/debian/passwd.userdel.pam
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'userdel' service
+#
+
+# This allows root to remove users without being prompted for a password
+auth		sufficient	pam_rootok.so
+
+# checks for account validity
+account	required	pam_permit.so
--- shadow-4.0.18.1.orig/debian/control
+++ shadow-4.0.18.1/debian/control
@@ -0,0 +1,37 @@
+Source: shadow
+Section: admin
+Priority: required
+Maintainer: Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>
+Standards-Version: 3.7.2.0
+Uploaders: Christian Perrier <bubulle@debian.org>, Martin Quinson <mquinson@debian.org>, Nicolas FRANCOIS (Nekral) <nicolas.francois@centraliens.net>
+Build-Depends: autoconf, automake1.9, libtool, gettext, libpam0g-dev, debhelper (>= 5.0.0), quilt, dpkg-dev (>= 1.13.5), xsltproc, docbook-xsl, docbook-xml, libxml2-utils, cdbs, libselinux1-dev [!hurd-i386 !kfreebsd-i386 !kfreebsd-amd64], gnome-doc-utils (>= 0.4.3-1)
+XS-X-Vcs-Svn: svn://svn.debian.org/svn/pkg-shadow/trunk
+
+Package: passwd
+Architecture: any
+Depends: ${shlibs:Depends}, ${loginpam}, debianutils (>= 2.15.2)
+Replaces: manpages-de (<< 0.4-9), manpages-fi (<< 0.2-4), manpages-fr (<<1.64.0-1), manpages-hu (<< 20010119-5), manpages-it (<< 0.3.4-3), manpages-ja (<< 0.5.0.0.20050915-1), manpages-ko (<< 20050219-2), manpages-es (<< 1.55-4), manpages-es-extra (<< 0.8a-15), manpages-ru (<< 0.98-3), manpages-tr, manpages-zh
+Section: admin
+Priority: required
+Description: change and administer password and group data
+ This package includes passwd, chsh, chfn, and many other programs to
+ maintain password and group data.
+ .
+ Shadow passwords are supported.  See /usr/share/doc/passwd/README.Debian
+
+Package: login
+Architecture: any
+Pre-Depends: ${shlibs:Depends}, libpam-runtime (>= 0.76-14)
+Depends: libpam-modules (>= 0.72-5)
+Conflicts: gnunet (<< 0.7.0c-2), amavisd-new (<<2.3.3-8), python-4suite (<< 0.99cvs20060405-1), backupninja (<< 0.9.3-5), echolot (<< 2.1.8-4)
+Replaces: manpages-fi (<< 0.2-4), manpages-fr (<<1.64.0-1), manpages-hu (<< 20010119-5), manpages-it (<< 0.3.4-2), manpages-ko (<< 20050219-2), manpages-ja (<< 0.5.0.0.20050915-1), manpages-de (<< 0.4-10), manpages-es-extra (<<0.8a-15), manpages-tr, manpages-zh
+Essential: yes
+Section: admin
+Priority: required
+Description: system login tools
+ These tools are required to be able to login and use your system. The
+ login program invokes your user shell and enables command execution. The
+ newgrp program is used to change your effective group ID (useful for
+ workgroup type situations). The su program allows changing your effective
+ user ID (useful being able to execute commands as another user).
+
--- shadow-4.0.18.1.orig/debian/passwd.examples
+++ shadow-4.0.18.1/debian/passwd.examples
@@ -0,0 +1 @@
+debian/passwd.expire.cron
--- shadow-4.0.18.1.orig/debian/securetty.knetbsd
+++ shadow-4.0.18.1/debian/securetty.knetbsd
@@ -0,0 +1,12 @@
+# /etc/securetty: list of terminals on which root is allowed to login.
+# See securetty(5) and login(1).
+console
+
+# for people with serial port consoles
+tty00
+
+# Standard consoles
+ttyE0
+ttyE1
+ttyE2
+ttyE3
--- shadow-4.0.18.1.orig/debian/passwd.postrm
+++ shadow-4.0.18.1/debian/passwd.postrm
@@ -0,0 +1,3 @@
+#!/bin/sh -e
+
+#DEBHELPER#
--- shadow-4.0.18.1.orig/debian/passwd.preinst
+++ shadow-4.0.18.1/debian/passwd.preinst
@@ -0,0 +1,51 @@
+#! /bin/sh
+
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+#        * <new-preinst> `install'
+#        * <new-preinst> `install' <old-version>
+#        * <new-preinst> `upgrade' <old-version>
+#        * <old-preinst> `abort-upgrade' <new-version>
+#
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+remove_md5() {
+    if md5sum $1 2>/dev/null |grep -q $2; then
+	cp $1 $1.pre-upgrade
+	sed -e '/^[^#]*[ \t]*password[ \t]*required[ \t]*pam_unix.so/ s/ md5$//' $1 >$1.post-upgrade \
+	    && mv $1.post-upgrade $1
+    fi
+    }
+
+
+case "$1" in
+    install|upgrade)
+        if [ "x$2" != "x" ] ; then
+	    if dpkg --compare-versions $2 lt 1:4.0.3 ; then
+		remove_md5 /etc/pam.d/passwd 23a5d1465bbc1e39ca6e0c32f22a75c9
+	    fi
+	fi
+    ;;
+
+    abort-upgrade)
+    ;;
+
+    *)
+        echo "preinst called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
+
+
--- shadow-4.0.18.1.orig/debian/shadowconfig.sh
+++ shadow-4.0.18.1/debian/shadowconfig.sh
@@ -0,0 +1,55 @@
+#!/bin/sh
+# turn shadow passwords on or off on a Debian system
+
+set -e
+
+shadowon () {
+bash<<- EOF
+    set -e
+    pwck -q
+    grpck -p
+    pwconv
+    grpconv
+    cd /etc
+    chown root:root passwd group
+    chmod 644 passwd group
+    chown root:shadow shadow gshadow
+    chmod 640 shadow gshadow
+EOF
+}
+
+shadowoff () {
+bash<<- EOF
+    set -e
+    pwck -q
+    grpck -p
+    pwunconv
+    grpunconv
+    cd /etc
+    # sometimes the passwd perms get munged
+    chown root:root passwd group
+    chmod 644 passwd group
+EOF
+}
+
+case "$1" in
+    "on")
+	if shadowon ; then
+	    echo Shadow passwords are now on.
+	else
+	    echo Please correct the error and rerun \`$0 on\'
+	    exit 1
+	fi
+	;;
+    "off")
+	if shadowoff ; then
+	    echo Shadow passwords are now off.
+	else
+	    echo Please correct the error and rerun \`$0 off\'
+	    exit 1
+	fi
+	;;
+     *)
+	echo Usage: $0 on \| off
+	;;
+esac
--- shadow-4.0.18.1.orig/debian/passwd.linda-overrides
+++ shadow-4.0.18.1/debian/passwd.linda-overrides
@@ -0,0 +1,4 @@
+Tag: incorrect-file-perms
+Data: /usr/bin/(chage|chfn|chsh|expiry|gpasswd|passwd)
+Tag: whatis-parse-failed-on-manpage
+Data: /usr/share/man/(id|ja|ko|ru|tr|zh_CN|zh_TW)/
--- shadow-4.0.18.1.orig/debian/passwd.newusers.pam
+++ shadow-4.0.18.1/debian/passwd.newusers.pam
@@ -0,0 +1,9 @@
+# The PAM configuration file for the Shadow 'newusers' service
+#
+
+# This allows root to add users with a batch file without being 
+# prompted for a password
+auth		sufficient	pam_rootok.so
+
+# checks for account validity
+account	required	pam_permit.so
--- shadow-4.0.18.1.orig/debian/passwd.chpasswd.pam
+++ shadow-4.0.18.1/debian/passwd.chpasswd.pam
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'chpasswd' service
+#
+
+# This allows root to use chpasswd without being prompted for a password
+auth		sufficient	pam_rootok.so
+
+# checks for account validity
+account	required	pam_permit.so
--- shadow-4.0.18.1.orig/debian/login.defs
+++ shadow-4.0.18.1/debian/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
--- shadow-4.0.18.1.orig/debian/passwd.chfn.pam
+++ shadow-4.0.18.1/debian/passwd.chfn.pam
@@ -0,0 +1,16 @@
+#
+# The PAM configuration file for the Shadow `chfn' service
+#
+
+# This allows root to change user infomation without being
+# prompted for a password
+auth		sufficient	pam_rootok.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
+
--- shadow-4.0.18.1.orig/debian/login.postinst
+++ shadow-4.0.18.1/debian/login.postinst
@@ -0,0 +1,25 @@
+#!/bin/sh -e
+
+if test "$1" = configure
+then
+	if test -f /etc/init.d/logoutd
+	then 
+		if test "$(md5sum /etc/init.d/logoutd)" = "9080f92783dd53f6f2108e698c06bd53  /etc/init.d/logoutd"
+		then	
+			echo "removing logoutd cruft"
+			rm /etc/init.d/logoutd
+			update-rc.d logoutd remove
+		fi
+	fi
+fi
+rm -f /etc/pam.d/login.pre-upgrade 2>/dev/null
+
+if [ ! -f /var/log/faillog ] ; then
+    touch /var/log/faillog
+    chown root:root /var/log/faillog
+    chmod 644 /var/log/faillog
+fi
+
+#DEBHELPER#
+
+exit 0
--- shadow-4.0.18.1.orig/debian/passwd.usermod.pam
+++ shadow-4.0.18.1/debian/passwd.usermod.pam
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'groupdel' service
+#
+
+# This allows root to remove groups without being prompted for a password
+auth		sufficient	pam_rootok.so
+
+# checks for account validity
+account	required	pam_permit.so
--- shadow-4.0.18.1.orig/debian/login.preinst
+++ shadow-4.0.18.1/debian/login.preinst
@@ -0,0 +1,52 @@
+#! /bin/sh
+
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+#        * <new-preinst> `install'
+#        * <new-preinst> `install' <old-version>
+#        * <new-preinst> `upgrade' <old-version>
+#        * <old-preinst> `abort-upgrade' <new-version>
+#
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+remove_md5() {
+    if md5sum $1 2>/dev/null |grep -q $2; then
+	cp $1 $1.pre-upgrade
+	sed -e '/^[^#][ \t]*assword[ \t]*required[ \t]*pam_unix.so/ s/ md5$//' $1 >$1.post-upgrade \
+	    && mv $1.post-upgrade $1
+    fi
+    }
+
+
+case "$1" in
+    install|upgrade)
+        if [ "x$2" != "x" ] ; then
+	    if dpkg --compare-versions $2 lt 1:4.0.3 ; then
+		remove_md5 /etc/pam.d/login 5e61c3334e25625fe1fa4d79cf9123ff
+		fi
+	    fi
+	    
+    ;;
+
+    abort-upgrade)
+    ;;
+
+    *)
+        echo "preinst called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
+
+
--- shadow-4.0.18.1.orig/debian/passwd.groupdel.pam
+++ shadow-4.0.18.1/debian/passwd.groupdel.pam
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'groupdel' service
+#
+
+# This allows root to remove groups without being prompted for a password
+auth		sufficient	pam_rootok.so
+
+# checks for account validity
+account	required	pam_permit.so
--- shadow-4.0.18.1.orig/debian/passwd.lintian-overrides
+++ shadow-4.0.18.1/debian/passwd.lintian-overrides
@@ -0,0 +1,20 @@
+passwd: setgid-binary usr/bin/chage 2755 root/shadow
+passwd: setuid-binary usr/bin/chfn 4755 root/root
+passwd: setuid-binary usr/bin/chsh 4755 root/root
+passwd: setgid-binary usr/bin/expiry 2755 root/shadow
+passwd: setuid-binary usr/bin/gpasswd 4755 root/root
+passwd: setuid-binary usr/bin/passwd 4755 root/root
+
+# passwd.config in a no-op (exit 0) when debconf is not installed. 
+# debconf is "important", and passwd is "required". A dependency would be *bad*
+passwd: seen-flag-requires-versioned-depends config
+passwd: missing-debconf-dependency
+
+# passwd.config uses adduser but does not strictly depend on it
+# as it fallbacks to useradd
+passwd: maintainer-script-needs-depends-on-adduser config
+
+# Wrong warning from lintian for untranslatable stuff
+passwd: malformed-prompt-in-templates passwd/root-password-crypted
+passwd: malformed-prompt-in-templates passwd/user-password-crypted
+passwd: malformed-prompt-in-templates passwd/user-uid
--- shadow-4.0.18.1.orig/debian/login.linda-overrides
+++ shadow-4.0.18.1/debian/login.linda-overrides
@@ -0,0 +1,4 @@
+Tag: incorrect-file-perms
+Data: (/bin/su|/usr/bin/newgrp)
+Tag: whatis-parse-failed-on-manpage
+Data: /usr/share/man/(ko|ru|tr)/
--- shadow-4.0.18.1.orig/debian/cpgr.8
+++ shadow-4.0.18.1/debian/cpgr.8
@@ -0,0 +1 @@
+.so man8/cppw.8
--- shadow-4.0.18.1.orig/debian/passwd.useradd.pam
+++ shadow-4.0.18.1/debian/passwd.useradd.pam
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'useradd' service
+#
+
+# This allows root to add users without being prompted for a password
+auth		sufficient	pam_rootok.so
+
+# checks for account validity
+account	required	pam_permit.so
--- shadow-4.0.18.1.orig/debian/login.su.pam
+++ shadow-4.0.18.1/debian/login.su.pam
@@ -0,0 +1,62 @@
+#
+# The PAM configuration file for the Shadow `su' service
+#
+
+# This allows root to su without passwords (normal operation)
+auth       sufficient pam_rootok.so
+
+# Uncomment this to force users to be a member of group root
+# before they can use `su'. You can also add "group=foo"
+# to the end of this line if you want to use a group other
+# than the default "root" (but this may have side effect of
+# denying "root" user, unless she's a member of "foo" or explicitly
+# permitted earlier by e.g. "sufficient pam_rootok.so").
+# (Replaces the `SU_WHEEL_ONLY' option from login.defs)
+# auth       required   pam_wheel.so
+
+# Uncomment this if you want wheel members to be able to
+# su without a password.
+# auth       sufficient pam_wheel.so trust
+
+# Uncomment this if you want members of a specific group to not
+# be allowed to use su at all.
+# auth       required   pam_wheel.so deny group=nosu
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on su usage.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+#
+# "nopen" stands to avoid reporting new mail when su'ing to another user
+session    optional   pam_mail.so nopen
+
+# Sets up user limits, please uncomment and read /etc/security/limits.conf
+# to enable this functionality.
+# (Replaces the use of /etc/limits in old login)
+# session    required   pam_limits.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
+
--- shadow-4.0.18.1.orig/debian/login.lintian-overrides
+++ shadow-4.0.18.1/debian/login.lintian-overrides
@@ -0,0 +1,3 @@
+login: setuid-binary usr/bin/newgrp 4755 root/root
+login: setuid-binary bin/su 4755 root/root
+login: possible-missing-colon-in-closes l667:closes bug 336321
--- shadow-4.0.18.1.orig/debian/passwd.groupmod.pam
+++ shadow-4.0.18.1/debian/passwd.groupmod.pam
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'groupmod' service
+#
+
+# This allows root to modify groups without being prompted for a password
+auth		sufficient	pam_rootok.so
+
+# checks for account validity
+account	required	pam_permit.so
--- shadow-4.0.18.1.orig/debian/login.dirs
+++ shadow-4.0.18.1/debian/login.dirs
@@ -0,0 +1,2 @@
+usr/share/lintian/overrides
+usr/share/linda/overrides
--- shadow-4.0.18.1.orig/debian/useradd.default
+++ shadow-4.0.18.1/debian/useradd.default
@@ -0,0 +1,37 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. We however use "sh" here because
+# useradd being a low level utility should rather be as widely opened
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# same than USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same than DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
--- shadow-4.0.18.1.orig/debian/login.install
+++ shadow-4.0.18.1/debian/login.install
@@ -0,0 +1,25 @@
+usr/share/locale/*/LC_MESSAGES/shadow.mo
+usr/share/man/*/man1/login.1
+usr/share/man/*/man1/newgrp.1
+usr/share/man/*/man1/sg.1
+usr/share/man/*/man1/su.1
+usr/share/man/*/man5/faillog.5
+usr/share/man/*/man5/login.defs.5
+usr/share/man/*/man8/faillog.8
+usr/share/man/*/man8/lastlog.8
+usr/share/man/*/man8/nologin.8
+usr/share/man/man1/login.1
+usr/share/man/man1/newgrp.1
+usr/share/man/man1/sg.1
+usr/share/man/man1/su.1
+usr/share/man/man5/faillog.5
+usr/share/man/man5/login.defs.5
+usr/share/man/man8/faillog.8
+usr/share/man/man8/lastlog.8
+usr/share/man/man8/nologin.8
+usr/sbin/nologin
+usr/bin/faillog
+usr/bin/lastlog
+usr/bin/newgrp
+bin/login
+bin/su
--- shadow-4.0.18.1.orig/debian/securetty.kfreebsd
+++ shadow-4.0.18.1/debian/securetty.kfreebsd
@@ -0,0 +1,23 @@
+# /etc/securetty: list of terminals on which root is allowed to login.
+# See securetty(5) and login(1).
+console
+
+# for people with serial port consoles
+cuaa0
+
+# Standard consoles
+ttyv0
+ttyv1
+ttyv2
+ttyv3
+ttyv4
+ttyv5
+ttyv6
+ttyv7
+ttyva
+ttyvb
+ttyvc
+ttyvd
+ttyve
+ttyvf
+
--- shadow-4.0.18.1.orig/debian/NEWS
+++ shadow-4.0.18.1/debian/NEWS
@@ -0,0 +1,36 @@
+shadow (1:4.0.15-5) unstable; urgency=low
+
+  * commands passed in argument to su must use su's -c option and must quote
+    the command if it contains a space, as in:
+        su - root -c "ls -l /"
+    The following commands won't work anymore:
+        su - root -c ls -l /
+        su - root "ls -l /"
+        su - root ls -l /
+
+ -- Christian Perrier <bubulle@debian.org>  Sat,  8 Apr 2006 20:11:38 +0200
+
+shadow (1:4.0.14-1) unstable; urgency=low
+
+  * passwd does not support the -f, -s, and -g options anymore. You should use
+    the chfn, chsh and gpasswd utilities instead.
+  * login now distributes the nologin utility, which can be used as a shell
+    to politely refuse a login
+
+ -- Christian Perrier <bubulle@debian.org>  Thu,  5 Jan 2006 08:47:44 +0100
+
+shadow (1:4.0.12-1) unstable; urgency=low
+
+  CLOSE_SESSIONS and other variables are not used anymore in
+  /etc/login/defs.
+  As shadow utilities which use this file now warn about unknown
+  entries there, administrators should remove such unknown entries.
+  The supplied login.defs file does not include them anymore.
+
+  dpasswd is no more distributed by upstream. Login do not support
+  dialup password anymore.  Re-introducing this functionality in
+  upstream is not trivial.
+
+
+ -- Christian Perrier <bubulle@debian.org>  Thu, 25 Aug 2005 08:38:47 +0200
+
--- shadow-4.0.18.1.orig/debian/passwd.passwd.pam
+++ shadow-4.0.18.1/debian/passwd.passwd.pam
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `passwd' service
+#
+
+@include common-password
+
--- shadow-4.0.18.1.orig/debian/README.debian
+++ shadow-4.0.18.1/debian/README.debian
@@ -0,0 +1,62 @@
+Read this file first for a brief overview of the new versions of login
+and passwd.
+
+
+---Shadow passwords
+
+The command `shadowconfig on' will turn on shadow password support.
+`shadowconfig off' will turn it back off.  If you turn on shadow
+password support, you'll gain the ability to set password ages and
+expirations with chage(1).
+
+NOTE: If you use the nscd package, you may have problems with a
+slight delay in updating the password information. You may notice
+this during upgrades of certain packages that try to add a system
+user and then access the users information immediately afterwards.
+To avoid this, it is suggested that you stop the nscd daemon before
+upgrades, then restart it again.
+
+---General configuration
+
+Most of the configuration for the shadow utilities is in
+/etc/login.defs.  See login.defs(5).  The defaults are quite
+reasonable.
+
+Also see the /etc/pam.d/* files for each program to configure the PAM
+support. PAM documentation is available in several formats in the
+libpam-doc package.
+
+
+---MD5 Encryption
+
+This is enabled now using the /etc/pam.d/* files. Examples are given.
+
+
+---Adding users and groups
+
+Though you may add users and groups with the SysV type commands,
+useradd and groupadd, I recommend you add them with Debian adduser
+version 3+.  adduser gives you more configuration and conforms to the
+Debian UID and GID allocation.
+
+Editing user and group parameters can be done with usermod and
+groupmod.  Removing users and groups can be done with userdel and
+groupdel.
+
+
+--- Group administration
+
+Local group allocation is much easier.  With gpasswd(1) you can
+designate users to administer groups.  They can then securely add or
+remove users from the group.
+
+
+--- What to read next?
+
+Read the manpages, the other files in this directory, and the Shadow
+Password HOWTO (included in the doc-linux package).  A large portion
+of these files deals with getting shadow installed.  You can, of
+course, ignore those parts.
+
+Also, the libpam-doc package will go a long way to allowing you to take
+full advantage of the PAM authentication scheme.
--- shadow-4.0.18.1.orig/debian/passwd.links
+++ shadow-4.0.18.1/debian/passwd.links
@@ -0,0 +1,2 @@
+usr/sbin/vipw usr/sbin/vigr
+usr/sbin/cppw usr/sbin/cpgr
--- shadow-4.0.18.1.orig/debian/passwd.groupadd.pam
+++ shadow-4.0.18.1/debian/passwd.groupadd.pam
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'groupadd' service
+#
+
+# This allows root to add groups without being prompted for a password
+auth		sufficient	pam_rootok.so
+
+# checks for account validity
+account	required	pam_permit.so
--- shadow-4.0.18.1.orig/debian/passwd.chage.pam
+++ shadow-4.0.18.1/debian/passwd.chage.pam
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'chage' service
+#
+
+# This allows root to change password aging being prompted for a password
+auth		sufficient	pam_rootok.so
+
+# checks for account validity
+account	required	pam_permit.so
--- shadow-4.0.18.1.orig/debian/compat
+++ shadow-4.0.18.1/debian/compat
@@ -0,0 +1 @@
+5
--- shadow-4.0.18.1.orig/debian/passwd.postinst
+++ shadow-4.0.18.1/debian/passwd.postinst
@@ -0,0 +1,42 @@
+#!/bin/sh -e
+
+case "$1" in
+configure)
+    # Fix permissions on various log files from old versions of the debian
+    # installer, some unrelated to passwd but we decided to put the fix
+    # here since there was no better place. This can safely be removed
+    # after etch is released.
+    if dpkg --compare-versions "$2" lt "1:4.0.14-9"; then
+	    for log in /var/log/base-config* \
+		    $(find /var/log/debian-installer/ /var/log/installer/ -type f 2>/dev/null ); do
+		if [ -e "$log" ]; then
+			chmod 600 "$log"
+		fi
+            done
+    fi
+
+    rm -f /etc/pam.d/passwd.pre-upgrade 2>/dev/null
+	if ! getent group shadow | grep -q '^shadow:[^:]*:42'
+	then
+		groupadd -g 42 shadow || (
+    			cat <<EOF
+Group ID 42 has been allocated for the shadow group.  You have either
+used 42 yourself or created a shadow group with a different ID.
+Please correct this problem and reconfigure with ``dpkg --configure passwd''.
+
+Note that both user and group IDs in the range 0-99 are globally
+allocated by the Debian project and must be the same on every Debian
+system.
+EOF
+    			exit 1
+		)
+	fi
+    ;;
+esac
+
+# Run shadowconfig only on new installs
+[ -z "$2" ] && shadowconfig on
+
+#DEBHELPER#
+
+exit 0
--- shadow-4.0.18.1.orig/debian/login.pam
+++ shadow-4.0.18.1/debian/login.pam
@@ -0,0 +1,77 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+auth       requisite  pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context.
+# Uncomment the following line to enable SELinux
+# session required pam_selinux.so multiple
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
--- shadow-4.0.18.1.orig/debian/recode_manpages.sh
+++ shadow-4.0.18.1/debian/recode_manpages.sh
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+PACKAGE=$1
+[ -z "$PACKAGE" ] && {
+    echo "Usage: $0 <package>"
+    exit 1
+}
+
+# Upstream man pages are UTF-8encoded.
+# The man pages need to be recoded according to the encodings used in Debian.
+# (defined in src/encodings.c in man-db)
+
+# I've not found the encoding for zh_CN and zh_TW.
+# It should be the default falback ISO-8859-1.
+# However, the encoding of these pages seems wrong.
+
+echo "/     ISO-8859-1
+      cs    ISO-8859-2
+      de    ISO-8859-1
+      es    ISO-8859-1
+      fi    ISO-8859-1
+      fr    ISO-8859-1
+      hu    ISO-8859-2
+      id    ISO-8859-1
+      it    ISO-8859-1
+      ja    EUC-JP
+      ko    EUC-KR
+      pl    ISO-8859-2
+      pt_BR ISO-8859-1
+      ru    KOI8-R
+      sv    ISO-8859-1
+      tr    ISO-8859-9
+      zh_CN GB18030
+      zh_TW BIG5" |
+while read lang encoding
+do
+    echo "recoding lang: $lang to $encoding"
+    for page in debian/$PACKAGE/usr/share/man/$lang/man[1-8]/*
+    do
+        if [ -f $page ]
+        then
+            echo "recoding $page"
+            iconv -t $encoding -f UTF8 < $page > $page.recoded
+            mv $page.recoded $page
+        fi
+    done
+done
+
--- shadow-4.0.18.1.orig/debian/securetty.linux
+++ shadow-4.0.18.1/debian/securetty.linux
@@ -0,0 +1,139 @@
+# /etc/securetty: list of terminals on which root is allowed to login.
+# See securetty(5) and login(1).
+console
+
+# for people with serial port consoles
+ttyS0
+
+# for devfs
+tts/0
+
+# Standard consoles
+tty1
+tty2
+tty3
+tty4
+tty5
+tty6
+tty7
+tty8
+tty9
+tty10
+tty11
+tty12
+tty13
+tty14
+tty15
+tty16
+tty17
+tty18
+tty19
+tty20
+tty21
+tty22
+tty23
+tty24
+tty25
+tty26
+tty27
+tty28
+tty29
+tty30
+tty31
+tty32
+tty33
+tty34
+tty35
+tty36
+tty37
+tty38
+tty39
+tty40
+tty41
+tty42
+tty43
+tty44
+tty45
+tty46
+tty47
+tty48
+tty49
+tty50
+tty51
+tty52
+tty53
+tty54
+tty55
+tty56
+tty57
+tty58
+tty59
+tty60
+tty61
+tty62
+tty63
+
+# Same as above, but these only occur with devfs devices
+vc/1
+vc/2
+vc/3
+vc/4
+vc/5
+vc/6
+vc/7
+vc/8
+vc/9
+vc/10
+vc/11
+vc/12
+vc/13
+vc/14
+vc/15
+vc/16
+vc/17
+vc/18
+vc/19
+vc/20
+vc/21
+vc/22
+vc/23
+vc/24
+vc/25
+vc/26
+vc/27
+vc/28
+vc/29
+vc/30
+vc/31
+vc/32
+vc/33
+vc/34
+vc/35
+vc/36
+vc/37
+vc/38
+vc/39
+vc/40
+vc/41
+vc/42
+vc/43
+vc/44
+vc/45
+vc/46
+vc/47
+vc/48
+vc/49
+vc/50
+vc/51
+vc/52
+vc/53
+vc/54
+vc/55
+vc/56
+vc/57
+vc/58
+vc/59
+vc/60
+vc/61
+vc/62
+vc/63
--- shadow-4.0.18.1.orig/debian/changelog
+++ shadow-4.0.18.1/debian/changelog
@@ -0,0 +1,2835 @@
+shadow (1:4.0.18.1-9) unstable; urgency=low
+
+  * The "Etorki" release
+  * Fix debian/copyright and mention that the upstream site
+    is "temporarily?) no longer available. Closes: #423956
+    Add the various copyrights from Marek, Andrzej and Tomasz
+    (deduced from the ChangeLog entries as upstream doesn't have an
+     explicit copyright file)
+  * Debian packaging fixes:
+    The 3 following entries fix the FTBFS when built twice in a row.
+    Closes: #424257
+    - 498_man_nonpam_undefined: Do not patch the generated man/it/Makefile.in.
+    - 409_man_generate_from_PO: Generate the translated man pages at build
+    time.
+    - 200_regenerate_manpages: No more needed.
+    
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 15 May 2007 23:40:13 +0200
+
+shadow (1:4.0.18.1-8) unstable; urgency=low
+
+  * The "Feuille de Dreux" release
+  * New upstream version
+  * Debian packaging fixes:
+    - 505_useradd_recommend_adduser: Recommend using adduser and deluser for
+    regular operations.  Closes: #406046
+    - Versioned Build-Depends on gnome-doc-utils as we use the "-l"
+      switch of xml2po. Closes: #390110
+    - Remove conflicts for packages that are only in Debian releases prior
+      to sarge:
+      - passwd: shadow-passwd, pam-apps, suidregister (<< 0.50), debconf (<< 0.5)
+      - login: shadow-login, pam-apps, secure-su, suidregister (<< 0.50)
+    - Remove all debconf configuration. This is now done in D-I and is
+      no longer useful on regular systems. Closes: #386529
+    - Remove Replaces for packages that are only in Debian releases prior
+      - passwd: manpages (<=1.15-2), manpages-pl (<= 20020406-1)
+      - login: shadow-login, shadow-passwd, shellutils (<< 2.0-2), manpages-pl (<= 20020406-1)
+    - Remove unneeded Build-Depends: bzip2, file, texinfo, libpam-runtime
+    - /etc/default/useradd: Mentions the creation of primary user groups is
+      neither -n nor -g are specified. See also 407_adduser_disable_PUG_with-n
+    - no longer include /usr/bin/X11 in defaults PATH variable. Closes: #395890
+    - set debhelper compatibility to 5 through debian/compat
+    - ignore a false positive lintian warning about 
+      possible-missing-colon-in-closes in line 668 of the changelog
+  * Upstream bugs not yet fixed in upstream releases or CVS:
+    - 493_pwck_no_SHADOWPWD: SHADOWPWD no more exist.
+      pwck do not detect missing users in /etc/shadow.
+    - 466_fflush-prompt: Fix compilation error.
+      One call to yes_or_no was forgotten because it was in
+      commented code (which is now enabled).
+    - 406_vipw_resume_properly: Resume correctly after ^Z
+      Thanks to Dean Gaudet for the patch and report. Closes: #414542
+    - 497_newgrp_primary_group: Do not request a password when a user uses
+      newgrp to switch to her primary group. Closes: #396691
+    - 407_adduser_disable_PUG_with-n: Add option -n to useradd to disable the
+      creation of primary user groups. Closes: #416835
+    - 408_passwd_check_arguments: Check the passwd arguments and fail with the
+      usage message if there are more than one non option arguments (i.e.
+      usernames). Closes: #410268
+  * Upstream bugs fixed in upstream releases or CVS:
+    - 497_non_numerical_identifier moved as 397_non_numerical_identifier
+      because upstream applied it
+
+ -- Christian Perrier <bubulle@debian.org>  Mon, 07 May 2007 14:53:13 +0200
+
+shadow (1:4.0.18.1-7) unstable; urgency=low
+
+  * The "Pélardon" release
+  * Debian packaging fixes:
+    - debian/recode_manpages.sh: Recode the Swedish manpages to ISO-8859-1.
+    Closes: #403210
+    - 200_regenerate_manpages: Manually generate the man pages. This fixes the
+    formatting of some pages (e.g. passwd.5); permits to propagate the Debian
+    changes to the translated manpages; and to benefit from the fixes in the
+    Swedish manpages (see 104_man-sv).
+  * Upstream bugs fixed upstream:
+    - 104_man-sv: Fix Swedish manpages's PO encoding (some characters were
+    converted twice to UTF-8).
+  * Upstream bugs or fixes not yet fixed in upstream releases or CVS:
+    - 405_su_no_pam_end_before_exec: Avoid terminating the PAM library in the
+    forked child.  This is done later in the parent after closing the PAM
+    session.  With pam_krb5, this allow users to reuse the cached credential
+    in the forked shell. Closes: #412061
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 27 Feb 2007 06:51:44 +0100
+
+shadow (1:4.0.18.1-6) unstable; urgency=low
+
+  * The "Vieux Lille" release
+  * Upstream translation updates:
+    - debian/patches/404_man-fr: Fix the French translation of
+      passwd.1. Closes: #395537
+  * Upstream bugs or fixes not yet fixed in upstream releases or CVS:
+    - 403_fix_PATH-MAX_hurd: fixed glibc error on Hurd by not freeing f
+      unconditionnally. Thanks to Michael banck for the patch fix
+      Closes: #402002
+  * Upstream bugs fixed upstream:
+    - 103_man-de: early German translation of manpages. Updates
+      passwd manpage. Closes: #378899
+
+ -- Christian Perrier <bubulle@debian.org>  Thu,  7 Dec 2006 19:10:50 +0100
+
+shadow (1:4.0.18.1-5) unstable; urgency=high
+
+  * The "Chaource" release
+  * Debconf translation updates.
+    - Wolof.
+  * Debian packaging fixes:
+    - 401_cppw_src.dpatch:
+      Fix cppw, which copied to /etc/passwd even with the -s switch.
+      Closes: #394182
+
+ -- Christian Perrier <bubulle@debian.org>  Sat, 21 Oct 2006 23:33:20 +0200
+
+shadow (1:4.0.18.1-4) unstable; urgency=low
+
+  * The "Brocciu" release
+  * Debconf translation updates. Closes: #392193
+    - Brazilian Portuguese.
+    - Finnish.
+    - Hindi.
+    - Hungarian.
+    - Indonesian.
+    - Norwegian Bokmål.
+    - Slovak.
+    - Turkish.
+    - Vietnamese.
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 17 Oct 2006 22:52:54 +0200
+
+shadow (1:4.0.18.1-3) unstable; urgency=low
+
+  * The "Gris de Lille" release
+  * Debian packaging fixes:
+    - debian/control: Use XS-X-Vcs-Svn: field
+    - debian/login.pam: add (commented) SELinux enabling entry
+      to prepare the system for SELinux. Closes: #387480
+  * Upstream translation updates:
+    - debian/patches/102_de-fix-sorry: Fix the translation of "Sorry" in
+      German. Closes: #383045
+  * Debconf translation updates:
+    - Spanish. Closes: #383812
+    - Hebrew. Closes: #387635
+
+ -- Christian Perrier <bubulle@debian.org>  Sun, 17 Sep 2006 08:54:22 +0200
+
+shadow (1:4.0.18.1-2) unstable; urgency=low
+
+  * The "Picodon" release
+  * Upstream translation updates:
+    - debian/patches/101_ja: Japanese. Closes: #381873
+  * Debconf translation updates:
+    - Spanish. Closes: #383812
+  * Upstream bugs fixed in upstream releases or CVS:
+    - debian/patches/301_passwd-typo-383216: fix a typo in passwd.1
+      Closes: #383216
+  * Upstream bugs not yet fixed in upstream releases or CVS:
+    - build with new gettext 0.15. This requires building with automake 1.9
+      and a change in po/Makefile.in.in: 499_gettext-0.15. Closes: #384631
+
+ -- Christian Perrier <bubulle@debian.org>  Fri, 25 Aug 2006 19:12:25 +0200
+
+shadow (1:4.0.18.1-1) unstable; urgency=low
+
+  * The "Laguiole" release
+  * New upstream version.
+  * Upstream bugs not yet fixed in upstream releases or CVS:
+    - 497_non_numerical_identifier: In useradd and usermod, only numerical
+      group identifiers were supported.
+      Closes: #381394, #381399, #381404, #381408, #381448
+    - 498_man_nonpam_undefined: Fix a build failure.
+  * Debian specific fixes:
+    - 496_login_init_session: only start a new session if we are init.
+
+ -- Nicolas FRANCOIS (Nekral) <nicolas.francois@centraliens.net>  Fri,  4 Aug 2006 18:50:53 +0200
+
+shadow (1:4.0.18-1) unstable; urgency=low
+
+  * The "Selles sur Cher" release
+  * New upstream version. This closes the following bugs:
+    - Fix the usermod's -a option. It should not take an
+      argument, -a it uses the -G argument. Closes: #380645
+    - Galician translation. Closes: #378793
+    - Basque translation. Closes: #378794
+    - Russian translation. Closes: #378911
+  * Debian packaging fixes:
+    - login.defs: do not mention GETPASS_ASTERISKS since it is no more used.
+      Thanks to Mike Frysinger for noticing it.
+    - 506_relaxed_usernames: Fix the regular expression of the accepted user
+      name in the useradd man page. Closes: #377844
+    - Add Nicolas FRANCOIS to the Uploaders.
+    - Remove the NEWS entry for version 1:4.0.17-1. It was meant to warn
+      testing's users and is not meant for Etch users.
+    - manpages-it 0.3.4-3 do not collides with passwd anymore. Update the
+      Replaces field accordingly.
+  * Debconf translation updates:
+    - Japanese translation updated. Closes: #379954
+
+ -- Christian Perrier <bubulle@debian.org>  Sun, 16 Jul 2006 11:41:24 +0200
+
+shadow (1:4.0.17-2) unstable; urgency=low
+
+  * The "La Marseillaise 2006" release
+  * Upstream bugs not yet fixed in upstream releases or CVS:
+    - 495_salt_stack_smash: chpasswd/chgpasswd does not break if compiled
+      with SSP. Closes: #377825
+    - 496_login_init_session: Make login initialize a session so that
+      ^C and ^Z work when used while booting with "init=/bin/login"
+      Closes: #374547
+
+ -- Christian Perrier <bubulle@debian.org>  Fri, 14 Jul 2006 13:05:53 +0200
+
+shadow (1:4.0.17-1) unstable; urgency=low
+
+  * The "Sainte-maure de Touraine" release
+  * New upstream version. This closes the following bugs:
+    - Russian translation. Closes: #374998
+    - Khmer translation. Closes: #375065
+    - Nepali translation. Closes: #375485
+    - Korean translation. Closes: #375243
+    - Vietnamese. Closes: #375086
+  * Debian specific fixes:
+    - 503_shadowconfig.8: fix a typo in the French manpage (README.debian
+      instead of README.Debian). Thanks to Mohammed Adnène Trojette.
+    - 508_nologin_in_usr_sbin: keep nologin in /usr/sbin.
+  * Debian packaging fixes:
+    - passwd.postinst: Modified call to shadowconfig as "install" is not
+      a documented argument to postinst. Thanks to Justin Pryzby for
+      spotting that one and proposing a fix. Closes: #374457
+    - passwd.templates: use "for internal use" as template for untranslatable
+      templates which will save some lintian warnings with future
+      versions of lintian
+  * Debconf translation updates:
+    - Lituanian translation updated. Closes: #374313
+    - Dutch translation updated. Closes: #377003
+  * Upstream bugs fixed upstream:
+    - debian/patches/301_useradd-375040: create the mail spool files during
+      user creation when CREATE_MAIL_SPOOL=yes. Closes: #375040
+      Thanks to Stephen Gran for helping out with the correct patch.
+
+ -- Christian Perrier <bubulle@debian.org>  Wed, 12 Jul 2006 22:55:13 +0200
+
+shadow (1:4.0.16-2) unstable; urgency=low
+
+  * The "Valençay" release
+  * Upstream bugs or fixes not yet fixed in upstream releases or CVS:
+    - 403_fix_PATH-MAX_hurd: fix FTBFS on Hurd. Thanks to Michael Banck
+      for the fix. Closes: #372155
+
+ -- Christian Perrier <bubulle@debian.org>  Sat, 10 Jun 2006 15:31:12 +0200
+
+shadow (1:4.0.16-1) unstable; urgency=low
+
+  * The "Cabécou" release
+  * New upstream release
+  * Added build dependency on gnome-doc-utils so that xml2po is available
+    for building
+  * Debian specific fixes:
+    - 504_undef_USE_PAM.dpatch: do not use PAM for chgpasswd
+      Closes: #369439
+    - debian/rules, debian/passwd.install: cleanup
+      The limits.5 man page is no more installed by upstream. (It wasn't
+      neither on Debian).
+    - no more distribute the login.access.5 and porttime.5 man pages.
+      (not used when login uses PAM)
+    - 592_manpages_typos: add another fix for the XML man pages (useradd.8)
+      It is needed by the current version of docbook-xsl in Debian (1.68).
+      Closes: #369806
+  * Debian packaging fixes:
+    - ignore some lintian warnings about templates writing style for
+      untranslatable templates
+  * Read /etc/default/locale in su PAM config file
+    Closes: #369391
+
+ -- Christian Perrier <bubulle@debian.org>  Wed,  7 Jun 2006 20:23:36 +0200
+
+shadow (1:4.0.15-10) unstable; urgency=high
+
+  * The "Emmental" release
+  * Upstream bugs or fixes fixed in upstream releases or CVS:
+    - Fix for CERT VU#312962
+      + check the return value of fchown before fchmod when the mailbox is
+        created by useradd
+      + The patch also uses login.defs::MAIL_DIR instead of /var/mail.
+  * Reading /etc/default/locale is back in login PAM config file
+    after brainstorming with Steve. Closes: #368102
+  * Debian specific fixes
+    - Patches cleanup:
+      + remove 004_configure.in.dpatch (not used since a long time).
+      + rename 404_undef_USE_PAM.nolibpam and 404_undef_USE_PAM.dpatch to
+        504_xxx as they are debian specific.
+      + rename 407_32char_grnames.dpatch to 507_xxx for the same reason.
+      + rename 432_login_cancel_timout_after_authentication to 332_xxx,
+        because it is already applied upstream.
+      + Likewise for 461_keep_sticky_bit_for_dirs, 486_chgpasswd.8 and
+        492_correct_exit_status_for_run_commands
+
+ -- Christian Perrier <bubulle@debian.org>  Thu, 18 May 2006 01:44:56 -0500
+
+shadow (1:4.0.15-9) unstable; urgency=low
+
+  * The "Coulommiers" release
+  * Debian specific fixes
+    - 506_relaxed_usernames: better wording of the explanations about
+      the constraints on usernames in Debian. Closes: #364909
+
+ -- Christian Perrier <bubulle@debian.org>  Wed, 17 May 2006 21:23:36 -0500
+
+shadow (1:4.0.15-8) unstable; urgency=low
+
+  * The "Tomme de Savoie" release
+  * Upstream bugs or fixes not yet fixed in upstream releases or CVS:
+    - 487_passwd_chauthtok_failed_message: Add an informative message
+      When password couldn't be changed in passwd when chauthok fails
+      Closes: #352137
+  * Debian packaging fixes:
+    - stop reading /etc/default/locale in addition to /etc/environment
+      in the PAM configuration file for login and su
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 16 May 2006 20:09:17 -0500
+
+shadow (1:4.0.15-7) unstable; urgency=low
+
+  * The "Abondance" release
+  * Fix UNRELEASED in the NEWS.Debian file. Closes: #364752
+  * debian/control
+    - Updated to Standards: 3.7.2.0 (checked, no change needed: we were
+      already compliant)
+  * Debconf translation updates:
+    - Dutch translation updated. Closes: #363690
+  * Debian specific fixes:
+    - 406_good_name: Better description of what usernames are recommanded or
+      allowed in useradd(8).  Thanks to Reuben Thomas. Closes: #364909
+  * Upstream bugs or fixes fixed in upstream releases or CVS:
+    - 303_usermod_-a_in_man. Document -a in usermod man page. Closes: #365091
+    - 402-clarify_usermod_usage. Move -a close to -G. Closes: #363033
+    - Programs translation updates or fixes:
+      - 351_nl-359913: Fix typo in Dutch translation. Closes: #359913
+      - 352_id-361186: Complete Indonesian translation. Closes: #361186, #361187
+      - 353_hu-362749: New Hungarian translation. Closes: #362749
+
+ -- Christian Perrier <bubulle@debian.org>  Thu,  4 May 2006 20:53:35 +0200
+
+shadow (1:4.0.15-6) unstable; urgency=high
+
+  * The "Beaufort" release
+  * Debian packaging fixes:
+    - Change the Conflicts on backupninja from (<= 0.9.3-4) to (<< 0.9.3-5).
+    - Set a version Conflicts with gnunet.
+
+ -- Christian Perrier <bubulle@debian.org>  Mon, 17 Apr 2006 15:18:05 +0200
+
+shadow (1:4.0.15-5) unstable; urgency=high
+
+  * The "Ossau-Iraty" release
+  * Debian packaging fixes:
+    - Add a NEWS entry for the new su behavior introduced in 1:4.0.15-2
+    - explicitely set DEB_HOST_ARCH_OS to avoid FTBFS on autobuilder now
+      that sudo doesn't pass environment variables explicitely
+
+ -- Christian Perrier <bubulle@debian.org>  Sat, 15 Apr 2006 10:05:05 +0200
+
+shadow (1:4.0.15-4) unstable; urgency=high
+
+  * The "Fourme d'Ambert" release
+  * Debian packaging fixes:
+    - set a versioned Conflict with python-4suite.
+
+ -- Christian Perrier <bubulle@debian.org>  Sat,  8 Apr 2006 20:11:38 +0200
+
+shadow (1:4.0.15-3) unstable; urgency=high
+
+  * The "Neufchâtel" release
+  * Debian packaging fixes:
+    - set a versioned Conflict with amaviwsd-new. Closes: #360856, #360567
+
+ -- Christian Perrier <bubulle@debian.org>  Wed,  5 Apr 2006 08:50:21 +0200
+
+shadow (1:4.0.15-2) unstable; urgency=low
+
+  * The "Pavé d'Auge" release
+  * Debian packaging fixes:
+    - Only replace manpages-es << 1.55-4. Thanks to Rubén
+    - Include chgpasswd in shipped files. Really Closes: #355070
+    - parse /etc/default/locale for locale environment variables in login and
+      su default PAM configuration files. Thanks to Denis Barbier for the
+      patch. Closes: #359163
+    - su: Do not concatenate the additional arguments, and support an
+          environment variable to revert to the old Debian's su behavior.
+          Closes: #276419
+          To avoid breaking packages using the old-style way to pass
+          arguments, set Conflicts with "gnunet, amavisd-new, python-4suite,
+          backupninja (<= 0.9.3-4), echolot (<< 2.1.8-4)"
+    - 467_useradd_-r_LSB. Do not forgot to change the owner of the new home
+      directory. Closes: #360179
+  * Upstream bugs or fixes not already fixed in upstream releases or CVS:
+    - 486_chgpasswd.8: add a manpage for chgpasswd.
+  * Upstream bugs or fixes fixed in upstream releases or CVS:
+    - 492_correct_exit_status_for_run_commands: correct the exit status of su
+      when the invoked command fails. Closes: #360276
+
+ -- Christian Perrier <bubulle@debian.org>  Sun,  2 Apr 2006 12:45:49 +0200
+
+shadow (1:4.0.15-1) unstable; urgency=low
+
+  * The "Livarot" release
+  * Ack the previous changes uploaded to experimental except for #276419
+  * New upstream release
+    - chpasswd.8: Rewrite the CAVEATS section. Closes: #355010
+    - Updated translation for:
+      * Indonesian Closes: #345514, #347198
+      * Swedish Closes: #346017, #346449, #352276
+      * Slovak Closes: #346376, #349898, #352028
+      * Romanian Closes: #347755, #352712
+      * Galician Closes: #347943, #352444, #355587
+      * Italian Closes: #348339, #352345
+      * Greek Closes: #348713
+      * Russian Closes: #349193
+      * Basque Closes: #349496
+      * Catalan Closes: #353898
+      * Vietnamese Closes: #352310
+      * Italian Closes: #356610
+    - lastlog: Warn if non-option argument are provided. Closes: #349560
+    - chgpasswd: new utility. Closes: #355070
+  * Debian packaging fixes:
+    - Only replace manpages-ko << 20050219-2. Thanks to the Debian QA Group.
+    - Only replace manpages-fi << 0.2-4. Thanks to the Debian QA Group.
+    - Only replace manpages-de << 0.4-10. Thanks to Daniel Kobras
+    - Only replace manpages-es-extra << 0.8a-15. Thanks to Javier
+      Fernandez-Sanguino Peña.
+  * Upstream bugs or fixes not already fixed in upstream releases or CVS:
+    - 467_useradd_-r_LSB: add a "-r" option for adding system users
+      for LSB compatibility. Closes: #333706
+      This patch, announced in 4.0.14-7 was indeed not applied.
+  * Debconf translation updates:
+    - Punjabi translation renamed to pa.po after debian-i18n decision
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 21 Mar 2006 12:37:01 +0100
+
+shadow (1:4.0.14-9) unstable; urgency=high
+
+  * passwd.postinst: On upgrades from any prior version, chmod 600 various
+    base-config and d-i log files that might contain sensative information,
+    including in some cases, passwords. Closes: #356939
+
+ -- Christian Perrier <bubulle@debian.org>  Wed, 15 Mar 2006 08:03:43 +0100
+
+shadow (1:4.0.14-8) experimental; urgency=low
+
+  * The "Salers" release
+  * Debconf translation updates:
+    - Dutch updated. Closes: #354593
+  * Debian packaging fixes:
+    - move the @include statements at the end of pam configuration files.
+      This is of no important with the Debian default common-* files
+      but would lead to unexpected results if the local admin adds
+      "sufficient" lines in these common-* files
+    - make sure debian/recode_manpages.sh fails if a page can't be recoded.
+    - more bulletproof string checks in passwd.config (related to: #355268).
+    - Do not use type-handling for the dependency on libselinux1-dev.
+      Use an explicit list of arches. Thanks to Guillem Jover.
+    - su: Do not concatenate the additional arguments, and support an
+          environment variable to revert to the old Debian's su behavior.
+          Closes: #276419
+  * Upstream bugs fixed in upstream CVS:
+    - make passwd.1 synopsis consistent with other man pages
+      Closes: #352136
+
+ -- Christian Perrier <bubulle@debian.org>  Mon,  6 Mar 2006 06:54:42 +0100
+
+shadow (1:4.0.14-7) unstable; urgency=low
+
+  * The "Carré d'Aurillac" release (let's stay in Cantal)
+  * Upstream bugs or fixes not already fixed in upstream releases or CVS:
+    - 467_useradd_-r_LSB: add a "-r" option for adding system users
+      for LSB compatibility. Closes: #333706
+    - 493_selinux_no_proc:
+      Only check selinux_check_passwd_access on SELinux enabled system.
+      This fix issues in passwd, chage, chfn and chsh when /proc is not
+      mounted. Closes: #352494
+  * Debian packaging fixes:
+    - Stop replacing manpages-it (login only, newusers is still conflicting on
+      passwd) and manpages-hu as new releases removed the conflicting manpages
+    - passwd.config:
+      Better POSIX compliance and avoid failure if root password is set to '!'
+      Thanks to Vagrant Cascadian for reporting and providing the patch
+      Closes: #353813
+
+ -- Christian Perrier <bubulle@debian.org>  Wed, 22 Feb 2006 06:58:47 +0100
+
+shadow (1:4.0.14-6) unstable; urgency=low
+
+  * The "Cantal" ("Vieux" flavour) release
+  * Upstream bugs or fixes not already fixed in upstream releases or CVS:
+    - 491_configure.in_friendly_selinux_detection:
+      Detect that selinux is not present without failing.
+    - 492_manpages_typos:
+      Fix a typo in the passwd manpage "TheUNIX". Closes: #352135
+
+ -- Christian Perrier <bubulle@debian.org>  Fri, 10 Feb 2006 16:50:59 +0100
+
+shadow (1:4.0.14-5) unstable; urgency=low
+
+  * The "Roquefort" release
+  * Upstream bugs or fixes not already fixed in upstream releases or CVS:
+    - 489_useradd_allow_non_uniq_uid:
+      Allow non-unique UID when -o is specified. Closes: #351281
+    - 490_useradd_always_unlock_group_databases:
+      Always remove the lock on the group and gshadow databases.
+      CLoses: #348250
+    - 463_login_delay_obeys_to_PAM:
+      Do not hardcode pam_fail_delay and let pam_unix do its job to
+      set a delay...or not
+      CLoses: #87648
+  * Debian packaging fixes:
+    - Build with SE Linux support for Linux architectures
+      (and do not link the tools without SELinux support with the selinux
+      library: 490_link_selinux_only_when_needed)
+      Closes: #351631
+
+ -- Christian Perrier <bubulle@debian.org>  Thu,  9 Feb 2006 19:04:58 +0100
+
+shadow (1:4.0.14-4) unstable; urgency=low
+
+  * The "Cancoillotte" release
+  * Debian specific fixes:
+    - recode_manpages.sh was not called after the switch to CDBS.
+      The man pages were all distributed in UTF-8
+    - Encode the (Debian) shadowconfig manpages in UTF-8 so that
+      recode_manpages.sh can be used on all manpages
+    - do not build login on The Hurd
+      Closes: #349356
+    - debian/rules:
+      additional cleanups
+  * Upstream bugs or fixes not already fixed in upstream releases or CVS:
+    - 485_shell-env-exitcodes:
+      - explicitly pass environment to shell() as 3rd argument
+      - return errno from shell()
+      - introduce E_CMD_NOTFOUND/E_CMD_NOEXEC exitcodes
+  * Debconf translation updates:
+    - Danish updated. Closes: #348571
+
+ -- Christian Perrier <bubulle@debian.org>  Sun, 15 Jan 2006 16:27:15 +0100
+
+shadow (1:4.0.14-3) unstable; urgency=low
+
+  * The "Pont-L'Évêque" release
+  * Upstream bugs or fixes not already fixed in upstream releases or CVS:
+    - 479_chowntty_debug:
+      - produce more helpful syslog message[s] when is_my_tty() fails
+        (see bug #332198).
+    - 462_warn_to_edit_shadow:
+      - warn users to edit the shadow file when using vipw or vigr
+        Closes: #62821
+    - 480_getopt_args_reorder:
+      - Allow SU options to be passed after - or the username
+    - 481_userdel_remove_remove_group:
+      - User's group was removed twice, which caused warnings
+    - 461_keep_sticky_bit_for_dirs:
+      - keep the sticky bit in the directory copied by useradd in the
+        skeleton or by usermod.
+        Closes: #296729
+    - 482_libmisc_copydir_check_return_values:
+      - check the return value of system calls in copy_tree
+    - 483_su_fakelogin_wrong_arg0:
+      - shell's name must be -su when su is faking a login shell.
+        Closes: #347747
+    - 484_su-p_preserve_PATH:
+      - -p did not preserve the PATH environment variable when su started a
+        shell (no -c).
+        Closes: #347935
+  * Debian specific fixes:
+    - debian/rules:
+      - switch to cdbs for package build
+
+ -- Christian Perrier <bubulle@debian.org>  Sun, 15 Jan 2006 15:03:56 +0100
+
+shadow (1:4.0.14-2) unstable; urgency=low
+
+  * The "Vieux brie" release
+  * Missing dependency on docbook-xml and libxml2-utils
+    Closes: #346395
+
+ -- Christian Perrier <bubulle@debian.org>  Sat,  7 Jan 2006 19:08:36 +0100
+
+shadow (1:4.0.14-1) unstable; urgency=low
+
+  * The "Crottin de Chavignol" release
+  * New upstream release. This release fixes the following issues:
+    - French useradd no longer documents nonexisting -n option
+      Closes: #340578
+    - Russian translation update. Closes: #340826
+    - Fix German translation. Closes: #338373
+    - Swedish translation update. Closes: #334264
+    - Ukrainian translation update. Closes: #335381
+    - Tagalog translation update. Closes: #336649
+    - French translation update. Closes: #338410
+    - Simplified Chinese translation update. Closes: #339554
+    - Russian man pages translation update. Closes: #340828
+  * Upstream bugs not already fixed in upstream releases or CVS:
+    - 468_duplicate_passwd_struct_before_usage
+      Duplicate the passwd structures retrieved by getpwnam before calling
+      PAM. Closes: #341230
+  * Debian specific fixes:
+    - 502_fix_generated_man_pages
+      remove the occurences of ’ which is not supported by the current version
+      of docbook-xsl in Debian. Closes: #341489
+  * Debconf translation updates:
+    - Basque updated. Closes: #342102
+    - Catalan updated. Closes: #344964
+  * Debian packaging fixes:
+    - debian/rules, debian/login.files, debian/passwd.files:
+      Use dh_install instead of old dh_movefiles for moving files from
+      debian/tmp and rename {login, passwd}.files to {login,passwd}.install
+      Closes: #343534
+    - debian/rules:
+      debian/rules: stop building login for Hurd, which breaks bootstrap
+      Thanks to Michael Banck for the patch. Closes: #343473
+    - debian/passwd.config:
+      call programs using [a-z] under a C locale. Thanks Denis Barbier
+      for the patch. Closes: #343595
+    - debian/rules, debian/shells, debian/passwd.postinst:
+      Remove the /usr/share/passwd/shells files and the postinst code that
+      installed it as /etc/shells. This is now done by debianutils.
+      Closes: #342858
+    - Also remove README.shells, which should be distributed by debianutils.
+    - debian/passwd.postrm:
+      Do not remove /etc/shells on purge. Closes: #345659
+    - Fix the version of an old entry in NEWS.Debian
+    - Do not distribute the pam.d files for commands with disabled PAM support
+      (chage, chpasswd, groupadd, groupdel, groupmod, useradd, userdel,
+      usermod)
+
+ -- Christian Perrier <bubulle@debian.org>  Fri,  6 Jan 2006 07:42:52 +0100
+
+shadow (1:4.0.13-7) unstable; urgency=low
+
+  * The "Chabichou" release
+  * Debian packaging fixes:
+    - debian/rules, debian/login.links, debian/passwd.links:
+      Use dh_link for setting up symlinks
+    - get rid of initial-passwd-udeb as D-I will now use its
+      own udeb (user-setup-udeb)
+  * Debconf translation updates:
+    - Portuguese updated. Closes: #338767
+    - Korean updated. Closes: #339011
+    - Ukrainian updated. Closes: #338878
+    - Galician updated. Closes: #338908
+    - German updated. Closes: #339660
+    - Romanian updated. Closes: #340097
+  * Upstream fixes which will reach next upstream version
+    - 460_vipw-quiet: vipw logs "unchanged" message to stdout
+      and offers a quiet mode. Closes: #190252
+
+ -- Christian Perrier <bubulle@debian.org>  Sun, 20 Nov 2005 16:04:54 +0100
+
+shadow (1:4.0.13-6) unstable; urgency=low
+
+  * The "Saint-Nectaire" release
+  * Debian packaging fixes:
+    - passwd.config:
+      Add "seen false" for passwd/root-password and
+      passwd/root-password-again when entered root passwords mismatch or are
+      empty. Thanks to Tollef Fog Heen for noticing.
+  * Debconf translation updates:
+    - Simplified Chinese updated. Closes: #338075
+
+ -- Christian Perrier <bubulle@debian.org>  Thu, 10 Nov 2005 17:07:14 +0100
+
+shadow (1:4.0.13-5) unstable; urgency=low
+
+  * The "Fourme de Montbrison" release
+  * Debian packaging fixes:
+    - passwd.config:
+      Add a variable quoting which probably prevented users to
+      preseed a locked password for root and fix a logic error in the script
+      Working user password crypted preseeding (it probably failed earlier)
+  * Debconf translation updates:
+    - Russian updated. Closes: #337370
+  
+ -- Christian Perrier <bubulle@debian.org>  Tue,  1 Nov 2005 18:10:30 +0100
+
+shadow (1:4.0.13-4) unstable; urgency=low
+
+  * The "Comté" release (let's make Nicolas happy)
+  * Debian packaging fixes:
+    - initial-passwd-udeb:
+      Grab last version of Ubuntu code to get rid of the mktemp error
+      This virtually closes bug 336321 but we keep it opened to be sure
+      that noone imagines pushing this version to testing.
+  * Upstream fixes which will reach next upstream version
+    - 467_usermod_longopts: add long options support to usermod.
+      Closes: #260149
+    - 366_fflush-prompt: fflush prompts to allow scripting. Closes: #333138
+
+ -- Christian Perrier <bubulle@debian.org>  Tue,  1 Nov 2005 13:04:09 +0100
+
+shadow (1:4.0.13-3) unstable; urgency=high
+
+  * The "Trou du Cru" release (actually, the one deserving this name is me)
+  * Urgency set to high to avoid breaking D-I for too long
+  * Debian packaging fixes:
+    - debian/control:
+      - Make initial-passwd-udeb priority extra to avoid breaking all D-I
+        images
+
+ -- Christian Perrier <bubulle@debian.org>  Sun, 30 Oct 2005 06:52:26 +0100
+
+shadow (1:4.0.13-2) unstable; urgency=low
+
+  * The "Pouligny St-Pierre" release
+  * Debian packaging fixes:
+    - debian/control:
+      - manpages-ja: versioned Replaces as the man pages have now been
+                     removed
+      - manpages-ko: versioned Replaces as the man pages have now been
+                     removed
+    - debian/login.defs:
+      - fix a typo.
+    - early release of a (currently not used) udeb to allow user creation
+      and password setting to be done in D-I first stage
+      Patch taken from Ubuntu. Thanks to Colin Watson for providing it.
+    - debian/copyright:
+      - for RMS clones sake, stop breaking Thy Holy GNU Copyright
+        Closes: #334870
+  * Patches to upstream man pages, not yet applied upstream:
+    - debian/patches/457_document_useradd_groupadd_nis:
+      Document that low level utilities will certainly never
+      implement strange behaviour such as adding local users or groups with
+      logins existing in external databases
+      Closes: #282184
+    - debian/patches/458_manpages_typos
+      Fix some typos in faillog.5, chage.1, chpasswd.8
+      Thanks to A Costa <agcosta@gis.net>
+      Closes: #333995, #333994, #333993
+    - debian/patches/459_better_document_useradd_-d
+      Better document, in useradd.8, that the home_dir specified
+      with -d is not created if it does not exist
+      Closes: #154996
+  * Debconf translation updates:
+    - Norwegian Bokmal updated. Closes: #316732
+    - Russian updated. Closes: #334250
+    - Tagalog updated. Closes: #335158
+    - Swedish updated. Closes: #335319
+    - Italian updated. Closes: #335856
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 25 Oct 2005 11:46:31 +0200
+
+shadow (1:4.0.13-1) unstable; urgency=low
+
+  * The "Maroilles" release
+  * New upstream version:
+    Debian bugs fixed by the new upstream version:
+    - faillog: Do not oversimplify the date of the last unsuccessful login
+      Closes: #89902
+    - login.1: also mention securetty(5). Closes: #325773
+    - chfn.1, chsh.1, groupadd.8, newusers.8, pwconv.8
+      useradd.8, userdel.8, usermod.8:
+      Improved crossreferences with other manpages
+      Closes: #300892
+    - newgrp.1:
+      Improved documentation of how group passwords work
+      Closes: #325558
+    - passwd.c:
+      The usage line is no more too terse
+      Closes: #146779
+  * Patches to upstream man pages, not yet applied upstream:
+    - debian/patches/452_doc_password_check_order:
+      Document the order for checking the password strength
+      Closes: #115380
+  * Debian packaging fixes:
+    - debian/login.su.pam:
+      - pam_wheel example moved after pam_rootok in config.
+        Also documents that with 'pam_wheel.so group=foo', root may need to
+        be in the foo group. Closes: #330630, #330855
+      - pam_env turned to be used as a session module which it is designed
+        to be. Thanks to Steinar H. Gunderson who pointed this out and
+        Steve Langasek and Andrew Suffield who suggested the right solution.
+    - debian/control:
+      - manpages-es-extra: versioned Replaces as the man pages have now been
+                           removed
+      - manpages-de:       versioned Replaces as the man pages have now been
+                           removed
+      - manpages-hu:       versioned Replaces as the man pages have now been
+                           removed
+    - debian/rules:
+      - pack upstream's NEWS file into login and passwd. Closes: #331487
+      - pack login.defs and its manpages into "passwd" instead of "login"
+        package for the Hurd platform. Closes: #249372
+      - copy upstream's changelog. Closes: #331487
+    - debian/passwd.config, debian/passwd.templates:
+      - allow preseeding the root (and user) password with a MD5 hash
+        Closes: #275343, #304352
+        Thanks to Colin Watson for the Ubuntu patch
+      - the above also allows preseeding a disabled password for root
+        Closes: #304343
+      - add passwd/user-uid template, which can be preseeded to force the
+        initial user to have a certain uid.
+        Thanks to Colin Watson for the Ubuntu patch
+      - allow hyphens in username
+        Thanks to Colin Watson for the Ubuntu patch (Ubuntu #15721)
+    - debian/login.defs:
+      - document the obsoleted by PAM ENV_HZ variable. Closes: #265613
+      - better document the real use of USERGROUPS_ENAB. Closes: #282822
+    - debian/add-shell, debian/remove-shell, debian/add-shell.8,
+      debian/remove-shell.8:
+      - utilities moved to debianutils. Add a versioned "Depends" line on
+        debianutils so that passwd cannot be upgraded when the new
+        debianutils version including these utilities isn't available
+        Closes: #208514, #268656, #269573, #293171
+  * Debconf translation updates:
+    - Swedish updated. Closes: #332711
+
+ -- Christian Perrier <bubulle@debian.org>  Mon, 10 Oct 2005 23:15:47 +0200
+
+shadow (1:4.0.12-6) unstable; urgency=low
+
+  * The "Reblochon" release
+  * Debian packaging fixes:
+    - debian/control:
+      More accurate Replaces lines for manpages-* packages which have
+      been fixed:
+      - manpages-ru
+      - manpages-fr
+      - manpages-fi (removed because distributes translations we don't have)
+      - manpages-pt (removed because distributes translations we don't have)
+      - manpages-tr (removed because distributes translations we don't have)
+      - manpages-zh for login 
+                    (removed because distributes translations we don't have)
+    - debian/login.pam, debian/login.su.pam:
+      - use "readenv=1" with pam_env so that /etc/environment settings are
+        used. Thanks to Konrad Jelen for pointing it
+      - use "pam_mail" for login and su to display the user's new mail status
+        (for login only) and set the MAIL environment variable
+        Add a comment about the need to *also* define MAIL_DIR and possibly
+        MAIL_FILE in /etc/login.defs so that userdel behaves properly
+        Closes: #330420
+    - Really add /etc/pam.d/passwd. Closes: #330870
+    - Enable pam_group by default in login. Closes: #124293
+    - debian/login.defs:
+      Better document the real and future use of MAIL_DIR and MAIL_FILE
+  * Upstream bugs not already fixed in upstream releases or CVS:
+    - 451_login_PATH: set PATH according to ENV_SUPATH and ENV_PATH for login
+      Closes: #330803
+
+ -- Christian Perrier <bubulle@debian.org>  Wed, 28 Sep 2005 19:59:31 +0200
+
+shadow (1:4.0.12-5) unstable; urgency=low
+
+  * Really add /etc/pam.d/su. Closes: #330291
+  
+ -- Christian Perrier <bubulle@debian.org>  Wed, 28 Sep 2005 19:59:31 +0200
+   
+shadow (1:4.0.12-4) unstable; urgency=low
+
+  * The "Epoisses" release
+  * Debian packaging fixes:
+    - debian/control:
+      Add a few more Replaces for broken manpages-xx packages
+      which provide random man pages for software they don't
+      provide. Closes: #330526, #330338
+  * Use dh_installpam correctly so that /etc/pam.d/su really exists
+    Closes: #330291
+  * Change section to admin because of the restructuration of the "base"
+    section by the ftpmasters
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 27 Sep 2005 07:20:44 +0200
+
+shadow (1:4.0.12-3) unstable; urgency=low
+
+  * The "Langres" release
+  * Debian packaging fixes:
+    - debian/control:
+      login now replaces manpages-de because of conflicting login.1
+      manpage. Closes: #330247
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 27 Sep 2005 07:20:44 +0200
+
+shadow (1:4.0.12-2) unstable; urgency=low
+
+  * The "Boulette d'Avesnes" release
+  * Debian packaging fixes:
+    - debian/useradd.default:
+      File added and installed as /etc/default/useradd to provide
+      "safe" defaults to useradd and, for instance, have it create users
+      with a shell. Closes: #293492
+
+ -- Christian Perrier <bubulle@debian.org>  Thu, 22 Sep 2005 07:34:29 +0200
+
+shadow (1:4.0.12-1) experimental; urgency=low
+
+  * The "Munster" release
+  * New upstream release
+  * Bugs fixed by the move to upstream release:
+    - Portuguese translation update. Closes: #323069
+  * Debian packaging fixes:
+    - Fix a bug number in the previous changelog entry (s/155297/155279/).
+    - Patches for man pages reduced to only patch XML files:
+      441, 440, 333, 421, 424, 442, 444
+    - Reduce 005 patch to only patch useradd.8.xml (other changes
+      have been fixed upstream and we assume that the man pages are
+      generated from the XML files).
+      Move the patch for the su man page (wich explain the 437_* patches)
+      to 437_su_add_GNU_options_7
+    - Disable patches now applied upstream:
+      002, 336, 363, 443_man_it_Makefile.am, 364
+    - login.defs:
+      Entries moved to obsolete sections:
+      CLOSE_SESSIONS, LOGIN_STRING, NO_PASSWORD_CONSOLE, QMAIL_DIR
+      ULIMIT
+    - NEWS.Debian: added
+    - Ship a (currently useless) PAM configuration file for chage, useradd,
+      usermod, userdel, groupadd, groupmod, groupdel, including 
+      pam_rootok.so alone
+    - use dh_installpam to install PAM configuration files
+    - start the cleanup of the unused patches list
+    - debian/passwd.config:
+      No more endless loops when the user passwords mismatch
+      Closes: #325910
+  * Upstream bugs not already fixed in upstream releases or CVS:
+    - 443_chage_exit_values: now exit with errorlevel=15 when no
+      shadow password exists (was previously 3 but upstream now uses it)
+    - 447_missing_login.defs_variables: verify the list of login.defs
+      variables used and update the getdef.c and login.def files accordingly.
+  * Debconf translation updates:
+    - German updated. Closes: #321761
+    - Romanian updated. Closes: #323575
+    - Dutch updated. Closes: #323756
+  * Upstream bugs already fixed in upstream releases or CVS:
+    - 448_enable_man: man pages are generated from the XML files.
+
+ -- Christian Perrier <bubulle@debian.org>  Thu, 25 Aug 2005 08:38:53 +0200
+
+shadow (1:4.0.11.1-1) experimental; urgency=low
+
+  * New upstream release.
+  * Bugs fixed by the move to upstream release:
+    - Stop documenting about passing env variables at login prompt
+      Closes: #95213
+    - Correct reference to vi(1) man page in vipw(1)
+      Closes: #260636
+  * Debian packaging fixes:
+    - Enable the use of pam_env for su. Needed a fix which appeared
+      in upstream 4.0.6
+      Closes: #155279, #202840, #287108
+  * Debconf translation updates:
+    - Macedonian updated. Closes: #320229
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 26 Jul 2005 09:17:40 +0200
+
+shadow (1:4.0.3-39) unstable; urgency=low
+
+  * Debian packaging fixes:
+    - moved `shadowconfig on` from .preinst to .postinst
+      Closes: #319138
+    - debian/passwd.linda-overrides, debian/login.linda-overrides, debian/rules:
+      Add file permissions overrides for linda similar to those we have for lintian
+    - debian/login.lintian-overrides:
+      No more file permission overrides for login
+    - debian/passwd.config:
+      let error messages from shadowconfig (and therefore underlying
+      pwck/grpck tools which use stdout for this purpose) to reach stdout
+      instead of getting into /dev/null. This helps error diagnostics and
+      supposedly Closes: #319136
+  * Programs translation updates:
+    - French completed.
+  * Man pages translation updates:
+    - 207_id-manpages: correct Indonesian manpages so that they do not
+      fail lexgrog tests by linda
+    - 206_ko-manpages: correct Korean manpages so that they do not
+      fail lexgrog tests by linda
+  * Debconf translation updates:
+    - Arabic updated from Arabeyes repository
+
+ -- Christian Perrier <bubulle@debian.org>  Fri, 22 Jul 2005 18:42:24 +0200
+
+shadow (1:4.0.3-38) unstable; urgency=low
+
+  * The "La Marseillaise" release
+  * Debian packaging fixes:
+    - changed debian/rules to generate non-versioned "Depends: login"
+      entry for hurd's "passwd" package. This allows to use native
+      Hurd's login/su, because "hurd" package seems to provide "login".
+      See: #249372 (I don't claim the bug to be dealt with though --
+      it's still not clear whether the newly built "login" package for
+      Hurd is functional).
+    - Enable shadow by default on firsttime installation even when the package
+      is not reconfigured (ie also when not called from base-config).
+      Thanks to Bastian Blank for the patch and comments
+      Closes: #316219
+    - Build shadow with debugging. Closes: #204644
+  * Programs translation updates:
+    - Hebrew translation disabled. Closes: #317805
+    - Portuguese updated. Closes: #318190
+    - Vietnamese updated. Closes: #318257
+  * Debconf translation updates:
+    - Estonian updated. Closes: #317719
+    - Hebrew updated
+  * Upstream bugs already fixed in upstream releases or CVS:
+    - Modified 356_su-stop_cont-proxy to block TSTP, TTIN, TTOU, QUIT
+      and HUP -- to do the same as in newgrp.c
+      Closes: #317747
+
+ -- Christian Perrier <bubulle@debian.org>  Thu, 14 Jul 2005 10:14:23 +0200
+
+shadow (1:4.0.3-37) unstable; urgency=low
+
+  * The "Camembert" release
+  * Upstream bugs not fixed in upstream releases or CVS:
+    - 442_useradd.8-O
+      Document useradd's "-O" option
+      Closes: #304934
+  * Debconf translation updates:
+    - Indonesian updated (sent by translator to Christian Perrier)
+    - Bulgarian updated. Closes: #317327
+    - Vietnamese added (sent by translator to Christian Perrier)
+    - Wolof added (sent by translator to Christian Perrier)
+      Closes: #317532
+  * Man pages translation updates:
+    - Really remove the too outdated Korean translation of newgrp.1
+      which doesn't even mention sg
+  * Programs translation updates:
+    - debian/patches/117_id:
+      - Indonesian translation update (sent by translator to Christian Perrier)
+  * Debian packaging fixes:
+    - login.defs
+      Fix a typo (s/dmesg/mesg/), thanks to Maximilian Attens
+      Closes: #317236
+    - Fix FTBFS for GNU/Hurd and GNU/kFreeBSD
+      - securetty.kfreebsd-gnu renamed to securetty.kfreebsd
+      - securetty.netbsd-gnu renamed to securetty.netbsd
+      - securetty.gnu renamed to securetty.hurd
+      Closes: #317304
+  * Upstream bugs not fixed in upstream releases or CVS:
+    - 443_chage_exit_values
+      chage: change the exit value to 3 when chage fails because the system is
+      not shadow enabled.
+      Closes: #317012
+    - 426_grpck_group-gshadow_members_consistency
+      grpck/pwck: fix segmentation faults
+      Closes: #317366
+    - 423_su_arguments_are_concatenated, 423_su_pass_args_without_concatenation
+      revert the patch done for #276419, because it breaks pbuilder and other
+      packages.  Also document the Debian su behavior.
+      su behave differently from FreeBSD or SUN; this issue will have to be
+      handled latter (re-open #276419).
+      Closes: #317264
+
+ -- Christian Perrier <bubulle@debian.org>  Wed,  6 Jul 2005 03:13:37 +0300
+
+shadow (1:4.0.3-36) unstable; urgency=low
+
+  * Debian specific programs fixes:
+    - Re-enable logging and displaying failures on login when login is
+      compiled with PAM and when FAILLOG_ENAB is set to yes. And create the
+      faillog file if it does not exist on postinst (as on Woody).
+      Closes: #192849
+    - do not localize login's syslog messages.
+  * Debian packaging fixes:
+    - Fix FTBFS with new dpkg 1.13 and use a correct dpkg-architecture
+      invocation. Closes: #314407
+    - Add a comment about potential sensitive information exposure
+      when LOG_UNKFAIL_ENAB is set in login.defs
+      Closes: #298773
+    - Remove limits.5 and limits.conf.5 man pages which do not
+      reflect the way we deal with limits in Debian
+      Closes: #288106, #244754
+    - debian/login.defs:
+      - Make SU_PATH and PATH consistent with the values used in /etc/profile
+        Closes: #286616
+      - Comment the UMASK setting which is more confusing than useful
+        as it only affects console logins. Better use pam_umask instead
+        Closes: #314539, #248150
+      - Add a comment about "appropriate" values for umask
+        Closes: #269583
+      - Correct the assertion about the variable defined by QMAIL_DIR
+        which is MAILDIR, not MAIL
+        Closes: #109279
+      - Move the PASS_MAX_LEN variable at the end of login.defs as this
+        is obsoleted when using PAM
+        Closes: #87301
+    - debian/passwd.config:
+      - Re-enable the password confirmation question at critical priority
+        Closes: #304350
+      - Do no prompt again for the login name when the two passwords don't
+        match while creating a new user
+        Closes: #245332
+    - debian/add-shell.sh, debian/remove-shell.sh, debian/shadowconfig.sh,
+      debian/passwd.config, debian/passwd.postinst:
+      - checked for bashisms, replaced "#!/bin/bash" with "#!/bin/sh",
+        Closes: #315767
+      - replaced "test XXX -a YYY" XSI:isms with "test XXX && test YYY",
+        for rationale see:
+        http://www.opengroup.org/onlinepubs/009695399/utilities/test.html
+      - replaced all unneeded "egrep"s with basic "grep"s
+      Closes: #256732
+    - debian/rules:
+      Remove the setuid bit on login
+      Closes: #298060
+    - debian/passwd.templates:
+      Templates rewrite to shorten them down a little and make them DTSG
+      compliant. Give more details about what the user's full name is used
+      for.
+      Closes: #287410
+    - Updated to Standards: 3.6.2 (checked)
+  * Debconf translation updates:
+    - Estonian added. Closes: #312471
+    - Basque updated. Closes: #314303
+    - Malagasy updated. Closes: #290842
+    - Punjabi updated. Closes: #315372
+    - Danish updated. Closes: #315378
+    - Polish updated. Closes: #315391
+    - Japanese updated. Closes: #315407
+    - Brazilian Portuguese updated. Closes: #315426
+    - Czech updated. Closes: #315429
+    - Spanish updated. Closes: #315434
+    - Lithuanian updated. Closes: #315483
+    - Galician updated. Closes: #315362
+    - Portuguese updated. Closes: #315375
+    - Simplified Chinese updated. Closes: #315567
+    - French updated
+    - Ukrainian updated. Closes: #315727
+    - Welsh updated. Closes: #315809
+    - Slovak updated. Closes: #315812
+    - Romanian updated. Closes: #315783
+    - Finnish updated. Closes: #315972
+    - Catalan updated. Closes: #316026
+  * Man pages translation updates:
+    - Remove the too outdated Korean translation of newgrp.1
+      which doesn't even mention sg
+      Closes: #261490
+  * Man pages correction for Debian specific issues:
+    - 402_usermod.8-system-users-range-286258:
+      Document the system user range from 0 to 999 in Debian
+      Closes: #286258
+  * Upstream bugs not fixed in upstream releases or CVS:
+    - 423_su_pass_args_without_concatenation
+      Thanks to Helmut Waitzmann.
+      Closes: #276419
+      * pass the argument to the shell or command without concatenation
+        before the call to exec.
+      * If no command is provided, the arguments after the username are for
+        the shell, no -c has to be appended.
+    - 008_su_ignore_SIGINT
+      * Also ignore SIGQUIT in su to avoid defeating the delay.
+        The gain in security is very minor.
+        Closes: #288827
+    - 424_pwck.8_quiet_option
+      pwck(8): document the -q option. Closes: #309408
+    - 425_lastlog_8_sparse
+      lastlog(8): Document that lastlog is a sparse file, and don't need to be
+      rotated. Closes: #219321
+    - 426_grpck_group-gshadow_members_consistency
+      * (grpck) warn for inconsistencies between members in /etc/group and gshadow
+        Closes: #75181
+      * (pwck and grpck) warn and propose a fix for entries present in the
+        regular /etc/group or /etc/passwd files and not in shadow/gshadow.
+    - 427_chage_expiry_0
+      Fix chage display in the case of null expiry fields (do not display
+      Never, but 01 Jan 1970)
+      Closes: #78961
+  * Upstream bugs already fixed in upstream releases or CVS:
+    - Corrected typos in chfn.1. Closes: #312428
+    - Corrected typos in gshadow.5. Closes: #312429
+    - Corrected typos in shadow.5. Closes: #312430
+    - Corrected typos in grpck.8. Closes: #312431
+    - Added patch (356th) for su to propagate SIGSTOP up and SIGCONT down.
+      Added similar patch (357th) for newgrp. Both changes only affect
+      operation with CLOSE_SESSION set to yes (in /etc/login.defs).
+      Closes: #314727
+  * Translation updates:
+    - debian/patches/010_more-i18ned-messages
+      - More messages are translatable. We will deal with the translation
+        updates after syncing with upstream.
+        Closes: #266281
+    - debian/patches/114_eu:
+      - Basque translation update. Closes: #314423
+    - debian/patches/132_vi.dpatch:
+      - Vietnamese translation update. Closes: #315840
+
+ -- Christian Perrier <bubulle@debian.org>  Mon, 20 Jun 2005 23:37:56 +0300
+
+shadow (1:4.0.3-35) unstable; urgency=low
+
+  * Re-apply the debian/patches/036_CAN-2004-1001_passwd_check patch
+    which fixed the "Adjusted password check to fix authentication bypass"
+    security issue (CAN-2004-1001)
+  * Debian packaging fixes:
+    - Add --host to config_options on cross build. Patch from NIIBE Yutaka.
+      Closes: #283729
+    - Enable login for GNU/Hurd in rules. First patch from Robert Millan.
+      Closes: #249372
+    - Cleanup passwd debconf stuff as md5 passwords are assumed since
+      1:4.0.3-19 and the resolution of #223664.
+    - Document the TTYPERM variable set to 0600 in the default login.defs file
+      Closes: #59439
+    - Make login and su use limits.so PAM module by default
+      (change made in sarge branch also)
+      Closes: #300720
+    - debian/rules: Add removal of config.log in the clean target
+    - debian/control: 
+      - Add Martin to Uploaders
+      - Remove Sam Hartman from Uploaders. The team is now setup and this
+        does not really have a real meaning now. You're still welcome for
+        NMU's, Sam, and thanks for the good work.
+    - Switching from dpatch to quilt.
+  * Debconf translation updates:
+    - Portuguese spellchecked by Miguel Figueiredo
+    - Punjabi (Gumurkhi) added, by Amanpreet Singh Alam. Closes: #309800
+  * Man pages translation updates:
+    - German completed by reference to original man page
+      Closes: #311554
+  * Debian specific programs fixes:
+    - NONE
+  * Upstream bugs not fixed in upstream releases or CVS:
+    - 421_login.1_pishing:
+      Document how to initiate a trusted path under Linux
+      Closes: #305600
+    - set CLOSE_SESSIONS to yes in login.defs, and document why.
+      Closes: #163635
+  * Upstream bugs already fixed in upstream releases or CVS:
+    - 324_configure.in-no-debian-dir:
+      Separated from 004_configure.in : this change will not be needed when
+      syncing with upstream
+    - 325_gshadow_5_manpage:
+      Add a gshadow.5 man page, and clarifications in the newgrp and gpasswd
+      man pages.
+      Closes: #113191, #166173, #169046, #251926
+    - 326_su.1_pwconv.8-typos:
+      Correct typos in su.1 and pwconv.8 man pages.
+      Closes: #309666
+  * Translation updates:
+    - 004_configure.in, 100_LINGUAS
+      Add Vietnamese to LINGUAS. Patch for LINGUAS in configure.in moved
+      from 004_configure.in to the new 100_LINGUAS patch
+    - 101_cs: Czech updated by Miroslav Kure
+      Closes: #308658
+    - 102_de: German updated by Dennis Stampfer
+    - 104_fr: French updated by Jean-Luc Coulon
+      Closes: #308909
+    - 111_ca: Catalan completed by Guillem Jover
+      Closes: #309212
+    - 108_sv: Swedish completed with the help of Magnus Holmgren
+              Encoding issues fixed
+              Closes: #309380
+    - 109_uk: Ukrainian completed by Eugeniy Meshcheryakov
+      Closes: #308647
+    - 120_nl: Dutch updated by Bart Cornelis
+      Closes: #308662
+    - 124_ru: Russian updated by Yuri Kozlov
+      Closes: #308839
+    - 129_ru: Romanian updated by Sorin Bataruc
+      Closes: #308921
+    - 130_zh_TW: Tradition Chinese updated by Tetralet
+      Closes: #311588
+    - 131_tl: Tagalog updated by Eric Pareja
+      Closes: #310386
+    - 132_vi: Correct file used for Vietnamese tanslation
+      Closes: #306614, #307251, #307262, #308479
+
+ -- Christian Perrier <bubulle@debian.org>  Fri,  3 Jun 2005 07:32:07 +0200
+
+shadow (1:4.0.3-34) unstable; urgency=low
+
+  * Debian packaging fixes:
+    - NONE
+  * Debian specific programs fixes:
+    - NONE
+  * Upstream bugs not fixed in upstream releases or CVS:
+    - 406_good_name:
+      - relaxed user/group names checking is now fixed and accepts
+        _only_ names matching '^[^-:\n][^:\n]*$'
+        Closes: #264879, #308478
+  * Upstream bugs already fixed in upstream releases or CVS:
+    - 311_high-uids.dpatch:
+      - Add large file support to lastlog and faillog. Closes: #280212
+  * Translation updates:
+    - 132_vi:
+      Vietnamese programs translation added (from upstream CVS)
+      Closes: #308479
+    - 118_it:
+      Italian programs translation updated
+      Closes: #308327
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 10 May 2005 18:24:12 +0200
+
+shadow (1:4.0.3-33) unstable; urgency=low
+
+  * The "Don't believe lintian blindly" release
+  * Urgency left to low because RC bug fixed but we leave priority
+    to sarge-targeted work
+  * Debian packaging fixes:
+    - Remove CVS id tag from the supplied login.defs file
+      Closes: #308019
+    - revert dependency on debconf which would make it required
+      Closes: #308145
+    - Add the missing add-shell, remove-shell, cppw and cpgr
+      (Debian specific) man pages
+      Closes: #162241
+    - make lintian ignore warnings about missing debconf dependency
+      in passwd.lintian-overrides
+  * Debian specific programs fixes:
+    - NONE
+  * Upstream bugs not already fixed in upstream releases or CVS:
+    - NONE
+  * Upstream bugs already fixed in upstream releases or CVS:
+    - 313_pam_access_with_preauth:
+      - allow PAM account authorization when preauthenticated
+        Closes: #193869
+    - 314_passwd.1_formatting:
+      - minor formatting fixes of passwd(1) man page
+        Closes: #304447
+    - 315_chage.1_document_expiration_removal:
+      - document expiration removal in chage(1)
+        Closes: #304542
+    - 316_vipw-race-242407:
+      - make vipw to remove /etc/{passwd|shadow|group|gshadow}.edit
+        and only then unlock
+        Closes: #242407
+    - 317_lastlog_usage_249611:
+      - Fix the lastlog usage and all the translations accordingly
+        (--user instead of --login).
+        Closes: #249611
+    - 323_passwd.1-typo:
+      - correct a typo in passwd(1) man page. Closes: #302740
+
+ -- Christian Perrier <bubulle@debian.org>  Sun,  8 May 2005 14:32:20 +0200
+
+shadow (1:4.0.3-32) unstable; urgency=low
+
+  * Switch to dpatch for upstream patches
+    This should bring more clarity to modifications
+    we make to upstream sources and help integrating
+    new upstream releases
+    Old patches have been moved quite roughly to
+    debian/patches
+  * Modified debian/rules for "Calling GNU configure properly", see
+    /usr/share/doc/autotools-dev/README.Debian.gz
+  * Debian packaging fixes:
+    - Lintian fixes:
+      - Description synopsis initial capital letters removed
+      - passwd now depends on debconf (>=0.5.00) as it uses the seen flag
+      - add login.lintian-overrides and passwd.lintian-overrides
+        files to mention setuid and setgid files and avoid lintian warning
+        about them
+    - debian/pam.d/login:
+      - Remove the confusing comment about "nullok". Closes: #207816
+    - debian/rules:
+      - Add call for dh_installdirs
+    - debian/passwd.dirs:
+      - Added
+    - debian/login.dirs:
+      - Added
+  * Debian specific programs fixes:
+    - fixed /usr/sbin/remove-shell bug with handling of non-existing/empty
+      /etc/shells file. Closes: #271565
+  * GNU config automated update: config.sub (20010907 to 20050422),
+    config.guess (20010904 to 20050422)
+
+ -- Christian Perrier <bubulle@debian.org>  Tue,  3 May 2005 11:53:12 +0200
+
+shadow (1:4.0.3-31sarge3) unstable; urgency=low
+
+  * The "please buy me a brain" release
+  * *Really* shorten down the Dutch debconf translation for the root password
+    input so that it fits in one screen. Closes: #277750
+  * man/usermod.8: *Really* document -o option in usermod
+	           Closes: #302388
+  * man/fr/po4a/fr: Removed. This directory only clutters up the diff
+	            and is not used during the build process
+  * man/de/passwd.1: Updated. Closes: #304757
+  * man/de/chsh.1: Updated.
+  * man/it/*: All files updated. Closes: #305095
+  * Translation updates:
+    - Portuguese (from the translation file sent for 4.0.8 upstream)
+      Closes: #305257
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 19 Apr 2005 19:31:43 +0200
+
+shadow (1:4.0.3-31sarge2) unstable; urgency=low
+
+  * Shorten down the Dutch debconf translation for the root password
+    input so that it fits in one screen. Closes: #277750
+  * man/usermod.8: Document -o option in usermod
+                   Closes: #302388
+
+ -- Christian Perrier <bubulle@debian.org>  Mon,  4 Apr 2005 20:28:47 +0200
+
+shadow (1:4.0.3-31sarge1) unstable; urgency=high
+
+  * Urgency set to high because of RC bug fixed. Reuploaded
+    because I messed up with the changelog first. Use this occasion
+    to start a sarge series just in case. Changes below were made
+    in the former version already.
+  * Avoid package file conflicts for woody->sarge upgrade:
+    - Add manpages-it and manpages-ko to Replaces: for login
+    - Remove manpages-de from Replaces: for login (useless)
+    - Improve readability of the Replaces line for passwd
+    Closes: #299549
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 15 Mar 2005 13:55:34 +0100
+
+shadow (1:4.0.3-31) unstable; urgency=low
+
+  * New maintainer
+
+ -- Christian Perrier <bubulle@debian.org>  Fri, 11 Mar 2005 19:28:38 +0100
+
+shadow (1:4.0.3-30.10) unstable; urgency=low
+
+  * Non-maintainer upload targeted at sarge.
+  * Programs translations:
+    - Greek updated. Closes: #293911
+    - French updated. Closes: #294330
+  * Debconf translations:
+    - Galician updated. Closes: #295543
+
+ -- Christian Perrier <bubulle@debian.org>  Mon,  7 Feb 2005 08:18:56 +0100
+
+shadow (1:4.0.3-30.9) unstable; urgency=low
+
+  * Non-maintainer upload targeted at sarge.
+  * Programs translations:
+    - German updated. Closes: #291703
+    - Tagalog added. Closes: #292353
+    - Korean updated.
+
+ -- Christian Perrier <bubulle@debian.org>  Sun, 23 Jan 2005 09:30:49 +0100
+
+shadow (1:4.0.3-30.8) unstable; urgency=low
+
+  * Non-maintainer upload targeted at sarge.
+  * Debconf translations:
+    - Tagalog added. Closes: #289837
+  * Programs translations:
+    - Traditional Chinese added. Closes: #288879
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 11 Jan 2005 11:39:18 +0100
+
+shadow (1:4.0.3-30.7) unstable; urgency=low
+
+  * Non-maintainer upload targeted at sarge.
+  * Resolv conflict with manpage-spl in login
+    as well as passwd. Thanks to Robert Luberda for
+    the notice
+
+ -- Christian Perrier <bubulle@debian.org>  Thu, 23 Dec 2004 22:23:11 +0100
+
+shadow (1:4.0.3-30.6) unstable; urgency=low
+
+  * Revert back to Ian Gulliver genuine patch
+    to chpasswd. Update man page accordingly.
+    Closes: #283961 
+    (again)
+  * Programs translations
+    - German updated. Closes: #286522
+  * Debconf translations
+    - German updated. Closes: #286522
+
+ -- Christian Perrier <bubulle@debian.org>  Mon, 20 Dec 2004 23:51:39 +0100
+
+shadow (1:4.0.3-30.5) unstable; urgency=high
+
+  * Non-maintainer upload targeted at sarge.
+    Fix release critical bug
+  * Resolve conflict with woody's manpages-pl package
+    which prevent woody->sarge upgrade if
+    manpages-pl was installed
+    Closes: #284239
+  * Programs translations
+    - Romanian added. Closes: #284338
+  * Add MD5 support to chpasswd
+    Thanks to Ian Gulliver for the patch
+    Closes: #283961
+  * Correct typos in man pages
+    Thanks to Nicolas François for the patch
+    Closes: #141322
+  * Replace "C/" with "../../" in man/fr/shadow.conf
+    for best integration in the package build process
+
+ -- Christian Perrier <bubulle@debian.org>  Thu, 16 Dec 2004 21:48:56 +0100
+
+shadow (1:4.0.3-30.4) unstable; urgency=low
+
+  * Non-maintainer upload targeted at sarge.
+    Localisation and d-i related updates only
+  * Programs translations
+    - Albanian (very partial) added.
+  * Debconf translations
+    - Hindi added. Closes: #282443
+    - Malagasy added. Closes: #282580
+    - Albanian added. Closes: #282160
+
+ -- Christian Perrier <bubulle@debian.org>  Thu, 25 Nov 2004 07:21:53 +0100
+
+shadow (1:4.0.3-30.3) unstable; urgency=high
+
+  * Non-maintainer upload: security fix using the woody patch
+    by the Security Team
+  * Adjusted password check to fix authentication bypass
+    [debian/patches/036_CAN-2004-1001_passwd_check]
+  * Debconf translations
+    - Brazilian Portuguese updated. Closes: #278051
+    - Norwegian Bokmal fixed. Closes: #277563
+  * Programs translations
+    - Indonesian updated. Closes: #277751, #277741
+
+ -- Christian Perrier <bubulle@debian.org>  Tue,  2 Nov 2004 22:28:26 +0100
+
+shadow (1:4.0.3-30.2) unstable; urgency=low
+
+  * Non-maintainer upload targeted at sarge.
+    Localisation and d-i related updates only
+  * Debconf translations
+    - Macedonian added. Closes: #275781
+    - Slovakian updated. Closes: #273585
+    - Slovenian added.
+  * Man pages translations
+    - German for vipw.8/vigr.8. Closes: #260645
+  * Fix preseeding for d-i : do not mark debconf templates as seen
+    Also remove the hack for Joey Hess login name..:)
+    Closes: #271407
+  * Ask for the user full name at critical priority so that
+    it is never empty. Closes: #257700
+
+ -- Christian Perrier <bubulle@debian.org>  Sun, 10 Oct 2004 19:02:50 +0200
+
+shadow (1:4.0.3-30.1) unstable; urgency=low
+
+  * Non-maintainer upload targeted at sarge. Localisation updates only
+  * Debconf translations
+    - Arabic added. Closes: #261022
+    - Swedish updated. Closes: #261553
+    - Bulgarian added. Closes: #262928
+    - Brazilian Portuguese updated. Closes: #263957
+    - Simplified Chinese updated. Closes: #268646
+    - Traditional Chinese updated. Closes: #268151
+    - German updated. Closes: #268051
+    - Basque synced with templates.pot
+  * Programs translations
+    - Swedish updated. Closes: #261553
+    - Russian updated. Closes: #268412
+    - Norwegian Bokmal updated. Closes: #269907
+    - Norwegian Nynorsk updated. Closes: #269907
+    - Hebrew updated. Closes: #269967
+    - Danish updated. Closes: #270083
+    - Catalan updated. Closes: #254956
+  * Man pages translations
+    - French translation completely rewritten and reviewed
+      Closes: #270168
+    - Add expiry.1 and limits.conf.5 to the list of installed man
+      pages (add two lines to passwd.files and one to rules)
+      From #270168 also.
+
+ -- Christian Perrier <bubulle@debian.org>  Tue,  7 Sep 2004 20:20:21 +0200
+
+shadow (1:4.0.3-30) unstable; urgency=high
+  * Attempt to fix FTBFS and dependency problems on hurd. Closes: #235641
+  * don't run dh_undocumented anymore as it has become angstful.
+
+  * Thanks to Christian Perrier:
+  * Debconf translations
+    - Brazilian updated. Closes: #261387
+    - Croatian added. Closes: #261418
+    - Minor corrections fo ja.po and pl.po headers
+  * Programs translations
+    - Dutch updated. Closes: #260361
+    - Hebrew added. Closes: #260722
+  * Urgency set to high because of RC bug fixed:
+  * Correct check for root password being already set in passwd.config
+    Closes: #260799
+
+  * Acknowledge 29.1 NMU: 
+    Closes: #256664, #257949, #258241, #258563, #258566, #258957,
+    #190567, #259389, #260223, #257949, #259663, #259827
+
+ -- Karl Ramm <kcr@debian.org>  Tue, 27 Jul 2004 09:38:32 -0400
+
+shadow (1:4.0.3-29.1) unstable; urgency=low
+
+  * NMU with maintainer consent
+  * Programs translations
+    - Greek updated. Closes: #256664
+    - Finnish updated. Closes: #257949
+    - Spanish updated. Closes: #258241
+    - Polish updated. Closes: #258563
+    - Indonesian added (configure.in changed accordingly). Closes: #258566
+    - French updated. Closes: #258957, #190567
+    - Slovak updated. Closes: #259389
+    - Portuguese updated. Closes: #260223
+  * Debconf translations
+    - Finnish updated. Closes: #257949
+  * Typo correction in su.1 man page. Closes: #259663
+  * Removed malloc definition in libmisc/xmalloc.c
+    Closes: #259827
+  * Lintian-driven corrections
+    - Corrected section number in several man pages:
+      - grpck.8
+      - pwck.8
+      - ja/grpck.8
+      - pl/grpck.8
+      - pl/pwck.8
+    - Replace the full GPL text in copyright by a pointer
+    - Bumped Standards to 3.6.1.1 (changes checked)
+
+ -- Christian Perrier <bubulle@debian.org>  Mon, 19 Jul 2004 17:52:24 +0200
+
+shadow (1:4.0.3-29) unstable; urgency=low
+  * Be up front on the origin of our su.  Closes: #244297
+  * The following thanks to Christian Perrier:
+  * Debconf translations
+    - Hungarian added. Closes: #256493
+    - Greek updated. Closes: #251990
+    - Brazilian portuguese updated. Closes: #256771
+  * po/POTFILES.in
+    - corrected file. No more mentions unexisting files
+      Closes: #253792
+      this change was already in 28.5 but was forgotten in the
+      changelog
+  * Acknowledge NMUs: 
+  closes: #244604, #244734, #246302, #246376, #246848, #246859,
+          #247084, #247698, #247770, #248386, #248391, #248392,
+	  #248392, #248516, #248516, #248648, #248938, #248957,
+	  #249141, #249257, #249682, #250169, #250339, #250496,
+	  #251140, #251141, #251317, #251495, #251716, #251990,
+	  #252087, #252499, #253165, #253186, #253570, #254503,
+	  #254760 
+
+ -- Karl Ramm <kcr@debian.org>  Sat,  3 Jul 2004 00:24:55 -0400
+
+shadow (1:4.0.3-28.5) unstable; urgency=low
+
+  * debian/*.files
+    - care about adding ALL existing translations. Removed hard-coded
+      file names. Closes: #248516
+      Thanks to Ruben Porras for noticing
+      This involves changes to debian/*.files with the use of
+      regexp in these files
+  * libmisc/failure.c
+    - Make use of plural forms. Closes: #251317
+  * Programs translations
+    - Norwegian Bokmal and Norwegian Nynorsk translations. Closes: #252499
+    - Dutch updated. Closes: #253165
+    - Brazilian Portuguese updated
+    - Turkish updated
+    - Korean updated
+    - Czech updated
+    - Japanese updated
+    - German updated
+    - Catalan added. Closes: #254760
+    - Italian updated
+  * Debconf translations
+    - Finnish added. Closes: #253570
+    - Danish updated
+    - Hebrew added. Closes: #253186
+    - Traditional Chinese added. Closes: #254503
+    - French updated for clarification and shorten the root password screen
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 22 Jun 2004 09:44:45 +0200
+
+shadow (1:4.0.3-28.4) unstable; urgency=low
+
+  * NMU for l10n stuff again
+  * Programs translations
+    - All languages "activated" in configure.in. Closes: #248516
+    - Russian. Closes: #250496
+    - Bosnian added. Closes: #251141
+    - Finnish update. Closes: #251495
+    - Italian update. Closes: #252087
+  * Debconf translations
+    - Norwegian Bokmal update. Closes: #250339
+    - Bosnian added. Closes: #251140
+    - Catalan updated. Closes: #251716
+    - Greek update. Closes: #251990
+    - Welsh added (directly sent by Dafydd Harries
+  * Christian Perrier
+    - debian/passwd.config : a few rewards to a few people. Just check
+      the code
+
+ -- Christian Perrier <bubulle@debian.org>  Tue,  1 Jun 2004 09:11:01 -0300
+
+shadow (1:4.0.3-28.3) unstable; urgency=high
+
+  * NMU for correcting my mistake
+  * Remove an extra "fi" in passwd.config. Closes: #250169
+  * Debconf translation updates:
+    - Norwegian Nynorsk. Closes: #249682
+
+ -- Christian Perrier <bubulle@debian.org>  Fri, 21 May 2004 06:50:13 +0200
+
+shadow (1:4.0.3-28.2) unstable; urgency=high
+
+  * NMU for Debian Installer rc1 release schedule
+  * Removed duplicate sentence in templates. Closes: #244734, #244604
+  * Move the "root password empty" check before the root password
+    confirmation. Closes: #247770
+  * Debconf translation updates:
+    - Danish. Closes: #246859
+    - Spanish. Closes: #246302
+    - Russian. Closes: #248392
+    - Simplified Chinese. Closes: #248938
+    - Lithuanian. Closes: #249141
+    - Italian. Closes: #249257
+    - Dutch sent directly by Bart Cornelis
+    - Korean sent directly by Changwoo Ryu
+    - Galician sent directly by Héctor Fernández
+    - Romanian sent directly by Eddy Petrisor
+  * Programs translation updates:
+    - Korean. Closes: #242055
+    - Japanese. Closes: #242586
+    - Polish. Closes: #246376
+    - Slovak. Closes: #247084
+    - Basque. Closes: #248386
+    - German. Closes: #248391
+    - Russian. Closes: #248392
+    - Spanish. Closes: #248516
+    - Czech. Closes: #248648
+    - Simplified Chinese. Closes: #248957
+    - Indonesian. Closes: #242813
+    - Italian sent directly by Giuseppe Sacco
+  * Translated man pages
+    - Typo correction in Brazilian Portuguese for gpasswd. Closes: #247698
+
+ -- Christian Perrier <bubulle@debian.org>  Tue, 18 May 2004 12:09:34 +0200
+
+shadow (1:4.0.3-28.1) unstable; urgency=high
+
+  * NMU for special purposes below
+  * Urgency set to high for helping out Brazilian DD's building CD's
+    for FISL conference
+  * Translation updates:
+    - Debconf:
+      - Brazilian Portuguese. Closes: #246848
+      - Spanish. Was unfortunately based on older templates hence
+        this does not close 246302
+      - Basque: Closes: #243545
+      - German: Closes: #242116
+
+ -- Christian Perrier <bubulle@debian.org>  Mon, 10 May 2004 23:23:25 +0200
+
+shadow (1:4.0.3-28) unstable; urgency=low
+
+  *  Fix login and passwd in preinst to avoid promts on woody upgrade,
+    Closes: #243099
+  * Fix login and passwd configuration file to support common-passwd
+  * Apply NMU patch from Christian Perrier, Closes: #241438
+
+ -- Sam Hartman <hartmans@debian.org>  Thu, 29 Apr 2004 16:31:25 -0400
+
+shadow (1:4.0.3-27) unstable; urgency=low
+
+  * update "da" debconf translation, closes: #241262
+  * new "pt_BR" program translation, closes: #241366
+
+ -- Karl Ramm <kcr@debian.org>  Thu,  1 Apr 2004 00:19:44 -0500
+
+shadow (1:4.0.3-26.1) unstable; urgency=low
+
+  * NMU for Debian Installe rneeds
+  * Translation updates:
+    - Debconf:
+      - French. Closes: #241438
+      - Ukrainian. Closes: #241514
+      - Swedish: #241558
+      - Japanese. Closes: #241802
+      - Danish. Closes: #241262
+      - Portuguese. Closes: #241675
+      - Polish. Closes: #243185, #242996
+      - Czech. Closes: #241877
+      - Korean. Closes: #241928
+      - Greek. Closes: #242396
+      - Turkish. Closes: #243103
+      - Slovak. Closes: #245671
+
+ -- Christian Perrier <bubulle@debian.org>  Wed, 28 Apr 2004 11:47:34 +0200
+
+shadow (1:4.0.3-26) unstable; urgency=low
+
+  * Have passwd.config fall back gracefully to useradd if adduser is
+    unavailable. closes: #240894
+
+ -- Karl Ramm <kcr@debian.org>  Wed, 31 Mar 2004 00:26:17 -0500
+
+shadow (1:4.0.3-25) unstable; urgency=low
+
+  * Update "da" program translation, thanks to Claus Hindsgaul.
+  * Update "sv" translation, closes: #239198
+  * lower debconf priority of shadow password question to 'low'
+
+ -- Karl Ramm <kcr@debian.org>  Tue, 30 Mar 2004 19:39:59 -0500
+
+shadow (1:4.0.3-24) unstable; urgency=low
+
+  * add new program translations to the file manifest. *sigh*
+    closes: #241016
+  * add "tr" debconf translation. closes: #239148
+  * Rearrange username creation dialog text to make sense in
+    new order. closes: #240607
+  * Edit the debconf templates for content.
+  * Remove the program .gmo files in the clean step. closes: #200054
+
+ -- Karl Ramm <kcr@debian.org>  Tue, 30 Mar 2004 11:37:22 -0500
+
+shadow (1:4.0.3-23) unstable; urgency=low
+
+  * increase maximum group name size to 32 for no particularly good reason
+    closes: #240456
+  * fix su man page to reflect code.  closes: #239805
+  * fix username defaulting in passwd.config. closes: #238781
+  * update "it" debconf translation. closes: #237504
+  * update "ru" debconf translation. closes: #238211
+  * update "de" debconf translation. closes: #238779
+  * update "el" debconf translation. closes: #240473
+  * add "nn" debconf translation. closes: #238590
+  * add "da" program translation. closes: #238005
+  * add "nl" program translation. closes: #238488
+  * add "pt" program translation. closes: #238796
+  * add "pt" debconf translation. closes: #239641
+  * remove spurious const, closes: #240677
+
+ -- Karl Ramm <kcr@debian.org>  Sun, 28 Mar 2004 19:46:34 -0500
+
+shadow (1:4.0.3-22) unstable; urgency=low
+
+  * Don't assume that lastlog.ll_time or utmp.ut_time or utmpx.ut_tv are made 
+    up of time_ts and timevals, because they aren't on x86-64.  Dismaying
+    but true.
+
+ -- Karl Ramm <kcr@debian.org>  Sun, 14 Mar 2004 16:53:21 -0500
+
+shadow (1:4.0.3-21) unstable; urgency=low
+
+  * Try and get the right French translation update in the right place, 
+    Karl, you can do it even if you do only speak English. Closes: #236993
+
+ -- Karl Ramm <kcr@debian.org>  Wed, 10 Mar 2004 15:31:35 -0500
+
+shadow (1:4.0.3-20) unstable; urgency=low
+
+  * Added Norwegian Bokmal debconf translation, closes: #206349
+  * tell shadow build system about new message translations
+
+ -- Karl Ramm <kcr@debian.org>  Thu,  4 Mar 2004 11:04:44 -0500
+
+shadow (1:4.0.3-19) unstable; urgency=low
+
+  * When creating a user account in psaswd.config, ask for full name
+    first, and make up a default username.  Closes: #235386
+  * "No really, assume md5 passwords". Closes: #223664
+
+ -- Karl Ramm <kcr@debian.org>  Thu,  4 Mar 2004 00:42:08 -0500
+
+shadow (1:4.0.3-18) unstable; urgency=low
+
+  * Removed po/cs.po and added new debian/po/cs.po
+    Updated Czech translation, closes: #229125
+  * Updated Japanese debconf translation, closes: #227237
+  * Updated Danish debconf translation, closes: #227619
+  * Updated Dutch debconf translation, closes: #227883
+  * Updated Brazilian Portuguese debconf translation, closes: #228080
+  * Added Simplified Chinese debconf translation
+    Added Simplified Chinese programs translation
+    Closes: #229334
+  * Added Greek debconf translation
+    Added Greek programs translation
+    Closes: #229504, #229528
+  * Added Finnish programs translation, closes: #230369
+    charset changed from UTF-8 to ISO-8859-1 as the bug patch was wrong
+  * Updated German debconf translation, closes: #232710
+  * Updated Russian debconf translation, closes: #235541
+  * Added Ukrainian debconf translation, closes: #233560
+  * Added Lithuanian debconf translation, closes: #235698
+  * thanks to Christian Perrier <bubulle@debian.org>
+
+ -- Karl Ramm <kcr@debian.org>  Wed,  3 Mar 2004 22:56:31 -0500
+
+shadow (1:4.0.3-17) unstable; urgency=low
+
+  * Fix braino in version number of example dependency in README.shells.
+    Apologies to anyone foolhardy enough to believe my documentation.
+  * Add Swedish debconf translation, closes: #225059
+  * New French debconf translation, closes: #225914
+  * Add Catalan debconf translation, closes: #227029
+  * add securetty files for the hurd, freebsd, and netbsd, closes: #200739
+
+ -- Karl Ramm <kcr@debian.org>  Sun, 11 Jan 2004 17:37:54 -0500
+
+shadow (1:4.0.3-16) unstable; urgency=low
+
+  * run dh_installdeb *after* dh_installdebconf,
+    remove . from short description of passwd, 
+    add versioned conflict with debconf older than 0.5
+    closes: #224133
+  * replace manpages-it due to man page conflict
+    closes: #224474
+  * fix the *other* su syslogs.
+    closes: #224508
+  * fix filename in control file, closes: #224579
+  * fix permissions on chage and expiry, closes: #224717
+  * run debconf-updatepo
+  * remove debian/compat as redundant
+  
+ -- Karl Ramm <kcr@debian.org>  Mon, 22 Dec 2003 19:53:30 -0500
+
+shadow (1:4.0.3-15) unstable; urgency=low
+
+  * remove bogus dependency on base-config 2.00,
+  closes: #222772, #223726
+  * New Czech translation thanks to Miroslav Kure.
+
+ -- Karl Ramm <kcr@debian.org>  Fri, 12 Dec 2003 18:40:25 -0500
+
+shadow (1:4.0.3-14) unstable; urgency=low
+
+  * exit 30 when backing all the way out in passwd.conf, and 
+    depend on base-config 2.00, closes: #222772
+  * adjust debconf templates for debian-installer work,
+    closes: #222832
+
+ -- Karl Ramm <kcr@debian.org>  Thu, 11 Dec 2003 01:53:37 -0500
+
+shadow (1:4.0.3-13) unstable; urgency=low
+
+  * Fix typo passwd.config.  Closes: #223079, #222714
+  * Let's try out this oldfangled anonymous ftp upload queue.
+
+ -- Karl Ramm <kcr@debian.org>  Mon,  8 Dec 2003 17:59:31 -0500
+
+shadow (1:4.0.3-12) unstable; urgency=low
+
+  * Explicitly use automake-1.7 and aclocal-1.7.  closes: #216594
+  * Update Danish debconf translation.  closes: #216542  
+  * Update French debconf translation.  closes: #206352
+  * Update Dutch debconf translation.  closes: #212995
+  * Remove redundant dependency on grep.  closes: #216535
+  * Fix chfn documentation bug.  closes: #213931  
+  * Fix su syslogs to be less ambiguous.  (old:new instead of old-new
+    because '-' can appear in usernames.)  Not clearer, mind you, but less
+    ambiguous.  closes: #213592
+  * Rename limits(5) to limits.conf(5) and edit to reflect reality.
+    closes: #212935
+  * Move the change_uid call in login back to where it was before -11, and
+    relocate the fork for pam_close_session above it.  closes: #211884
+
+ -- Karl Ramm <kcr@debian.org>  Sat, 25 Oct 2003 15:26:20 -0400
+
+shadow (1:4.0.3-11) unstable; urgency=low
+
+  * update Japanese debconf translation. closes: #210382
+  * update Brazilian Portugese debconf translation. closes: #208122
+  * run pam cleanup code as root. closes: #195048
+
+ -- Karl Ramm <kcr@debian.org>  Sat, 13 Sep 2003 17:49:29 -0400
+
+shadow (1:4.0.3-10) unstable; urgency=low
+
+  * postinst sources confmodule. closes: #88843
+  * Implement the pam configuration New World Order.  Wow, that was quick. :-)
+  * Implement a scheme for allowing other packages to modify /etc/shells.
+
+ -- Karl Ramm <kcr@debian.org>  Fri, 22 Aug 2003 20:58:42 -0400
+
+shadow (1:4.0.3-9) unstable; urgency=low
+
+  * fix mysterious creeping bug in po/Makefile.in.in, closes: #200052
+  * dutch debconf translation, closes: #204578
+  * switch to po-debconf, closes: #183998, #200130
+  * use automake1.7, closes: #205991
+  * update german debconf translation, closes: #94138
+  * I can't come up with a good justification as to why characters other
+    than ':'s and '\0's should be disallowed in group and usernames (other
+    than '-' as the leading character).  Thus, the maintenance tools don't
+    anymore.  closes: #79682, #166798, #171179
+  * Fix typo in /etc/pam.d/su. closes: #196804
+  * danish debconf translation, closes: #118245
+  * russian debconf translation, closes: #198729
+  * And last, but not least, what's undoubtedly going to be the most
+    popular change: md5 passwords are turned on by default, and there is
+    no prompt to change them.  Yes, this is reduced functionality.  No, it
+    can't go back in the way it was; the old code not only modified
+    conffiles, it modified *other*packages* conffiles and was a massive
+    policy violation.  I expect this change will motivate the people who
+    have said that they will come up with a proper solution to do so.
+    closes: #186016, #110228, #171808
+
+ -- Karl Ramm <kcr@debian.org>  Wed, 20 Aug 2003 02:06:50 -0400
+
+shadow (1:4.0.3-8) unstable; urgency=low
+
+  * Fix missing ':' in getopt call.  closes: #184301
+  * Don't install mkpasswd, we don't use it.  closes: #185919, #187906
+  * replaces: manpages-ko. closes: #184810
+  * Fix the message in #190567 (not closing until it's been accepted upstream)
+  * Fix brainos in login.1. closes: #184731
+  * Fixup permissions for chage.  closes: #184138
+  * Force the umask to 022 in passwd.config.  closes: #182506
+  * Add Sam Hartman <hartmans@debian.org> as an uploader.
+  * Update standards-version.
+  * Add versioned build-depend on debhelper.
+
+ -- Karl Ramm <kcr@debian.org>  Sat, 26 Apr 2003 15:34:16 -0400
+
+shadow (1:4.0.3-7) unstable; urgency=low
+
+  * When relocating a user's home directory, don't fail and remove the new
+    home directory if we can't remove the old home directory for some
+    reason; the results can be spectularly poort if, for instance, only
+    the rmdir() fails. closes: #166369
+  * run dh_installdebconf so base-config will work.  *sigh*.  closes: #166788
+
+ -- Karl Ramm <kcr@debian.org>  Sun, 24 Nov 2002 21:40:30 -0500
+
+shadow (1:4.0.3-6) unstable; urgency=low
+
+  * remove automake dependency and leave only automake1.5, since it seems
+    to confuse the alpha and mipsel autobuilders for some reason.
+
+ -- Karl Ramm <kcr@debian.org>  Sun, 13 Oct 2002 21:45:15 -0400
+
+shadow (1:4.0.3-5) unstable; urgency=low
+
+  * build-depend on libtool and automake.  oops. closes: #164545
+
+ -- Karl Ramm <kcr@debian.org>  Sun, 13 Oct 2002 01:44:47 -0400
+
+shadow (1:4.0.3-4) unstable; urgency=low
+
+  * I am unable to begin to express the bitterness that I'm now experiencing.
+  * replaces manpages-de <= 0.4-4, closes: #162097, #162173
+  * replaces manpages-fr, closes: #162150
+  * replaces manpages-hu, closes: #162126
+  * replaces manpages-ja, closes: #163511, #162095
+  * fix sg symlink, closes: #162339, #163652
+  * newgrp should be aware that getlogin() and ttyname() are not
+    guaranteed to return anything and NOT blindly assume that they
+    successfully returned a pointer to a string.  I mean, really, people,
+    that sort of thing hasn't been reliable since 4.2BSD on a VAX.  I'll
+    bet most of the working on the upstream weren't even born yet when
+    this sort of thing was commonplace (it was NEVER acceptable).
+    closes: #162303
+  * pull the manpage for the spiffy su forward. closes: #162275
+  * depend on automake1.5, and rerun the autogrunge.  This should
+    *hopefully* make it build more consistently.
+  * this concludes the biweekly treading of water.
+
+ -- Karl Ramm <kcr@debian.org>  Sat, 12 Oct 2002 14:56:16 -0400
+
+shadow (1:4.0.3-3) unstable; urgency=low
+
+  * the "fix the brain damage" release
+  * fix pam brain-damage in ch{age,passwd}, {group,user}{add,del,mod}, newusers
+    closes: #162181, #162199, #162228 
+  * fix vipw symlink brain-damage: closes: #162218
+  * fix package description brain damage, closes: #139563
+  * install cp{pw,gr} brain damge
+
+ -- Karl Ramm <kcr@debian.org>  Wed, 25 Sep 2002 01:21:35 -0400
+
+shadow (1:4.0.3-2) unstable; urgency=low
+
+  * fix "su -".  closes: #162089
+  * document exit codes of groupdel and userdel (again, for userdel)
+    closes: #161861
+  * clean up logoutd cleanup
+
+ -- Karl Ramm <kcr@debian.org>  Mon, 23 Sep 2002 19:44:40 -0400
+
+shadow (1:4.0.3-1) unstable; urgency=low
+
+  * new upstream version! closes: #149444, #150237, #145415
+  * completely new packaging!
+  * all new bugs!
+  * old bugs as well!
+  * remove /etc/init.d/logoutd, like the old postrm should've, closes: #160682
+  * fix passwd manpage, closes: #160477, #122797
+  * fix lastlog manpage, closes: #159886
+  * add as many virtual console devices as I seem to have to securetty,
+    closes: #156472
+  * add ttyS0 and tts/0 to securetty.  closes: #130138
+  * su should not segfault if nobody has uid 0.  closes: #139967
+  * install and use translations.  closes: #118238
+  * upstream uses new automake.  closes: #114935
+  * add russian template file for password.  closes: #130358
+  * handle template installation correctly.  closes: #156674
+  * don't place a maximum restriction on the length of passwords.
+    closes: #159487
+  * fix description. closes: #145459
+  * update config.{guess,sub}
+
+ -- Karl Ramm <kcr@debian.org>  Wed, 18 Sep 2002 10:14:08 -0400
+
+shadow (20000902-12) unstable; urgency=high
+
+  * "oops"
+  * /etc/login.defs: /var/spool/mail -> /var/mail, closes: #125311
+
+ -- Karl Ramm <kcr@debian.org>  Sun,  7 Apr 2002 11:54:48 -0400
+
+shadow (20000902-11) unstable; urgency=low
+
+  * Fix some nits:
+  * remove changelog~ file.  oops.  closes: #139711
+  * fix typo in control.  closes: #139564
+  * Hmmm.  People open more bugs when I upload new versions of things.
+    Maybe they just notice them more then, or maybe it's just Murphy.
+
+ -- K. Ramm <kcr@debian.org>  Tue, 26 Mar 2002 12:14:33 -0500
+
+shadow (20000902-10) unstable; urgency=low
+
+  * We hates the automake.  We hates it forever.  closes: #139293
+  * stupid ommision: logoutd still in postinst.  closes: #139422
+  * make login.defs a bit clearer. closes: #138809
+
+ -- Karl Ramm <kcr@debian.org>  Fri, 22 Mar 2002 12:09:07 -0500
+
+shadow (20000902-9) unstable; urgency=medium
+
+  * Get rid of logoutd, it doesn't work, didn't work in potato, and now
+    it's causing people to open RC bugs.  closes: #138259, #66153,  #121940
+    I'm told the timeoutd package does a better job anyway.
+  * add /bin/tcsh to /etc/shells, closes: #118103, #122112
+  * add /bin/ksh to /etc/shells, closes: #123556
+  * remove text about password aging from passwd(5), closes: #137493
+  * spanish debconf template for passwd, closes: #136463
+  * document the fact that you can not have a valid password in
+    /etc/shadow.  closes: #131690
+  * /etc/login.defs: /var/spool/mail -> /var/mail, closes: #125311
+  * fix locations of utmp and wtmp in login(1), closes: #119656
+  * The package description for passwd refers to README.Debian.gz
+    but only README.debian.gz actually exists.  Most packages use
+    README.Debian.gz, but the control file is the only place that gets it
+    wrong for this package.  When in doubt, fix the documentation. :-)
+    closes: #116955
+
+ -- Karl Ramm <kcr@debian.org>  Thu, 14 Mar 2002 17:05:56 -0500
+
+shadow (20000902-8) unstable; urgency=low
+
+  * check in passwd.expire.cron for already-expired passwords; closes: #102319
+  * note in chage.1 and shadowconfig.8 that password aging information
+    only works when shadow passwords are enabled. closes: #103702
+  * enable changing the name in chfn by default. closes: #107819
+  * fail to mangle files in lib/commonio.c, thanks to matt@linuxbox.nu
+  * add /dev/console to the secure ttys list.  because.  closes: #113949
+  * find the FHS mail spool first in configure.  closes: #114951
+    (thanks to mjb@debian.org)
+  * above sadly causes automake to go bonkers, and I don't want to
+    reassemble the build system before woody is released.  Keep automake
+    from going off on its own.
+  * terminate argument validation in login when it hits a '--'.
+    closes: #66368
+  
+ -- Karl Ramm <kcr@debian.org>  Mon, 22 Oct 2001 11:17:35 -0400
+
+shadow (20000902-7) unstable; urgency=low
+
+  * the "I'm sorry, I should've done this earlier" release
+  * Cancel login timeout after authentication so that patient people
+    timing out on network directory services can log in with local
+    accounts.  Closes: #107148
+  * Add Brazillian Portugese debconf template translation for passwd.
+    Closes: #105292, #93223
+  * Pull /usr/share/doc/$package/README.shadow-paper.gz.  Closes: #98058
+  * Use getent instead of group to verify existence of shadow group
+    [works better for distributed group files].  Closes: #99902
+    [Note that this sort of problem is rampant in these postinst and
+    config scripts, but that's not getting fixed in woody.]
+  * Amend reference to /usr/doc in shadowconfig.8.  Closes: #102804
+  * su should set $USER.  Closes: #102995
+  * userdel now deletes user groups from /etc/gshdow as well as
+    /etc/group.  Closes: #99442
+  * grpck now has an (otherwise undocumented) -p option, so that
+    shadowconfig can clean up the results of the above, so the config
+    script will fail randomly less often.  Closes: #103385
+
+ -- Karl Ramm <kcr@debian.org>  Wed, 22 Aug 2001 12:09:27 -0400
+
+shadow (20000902-6.1) unstable; urgency=low
+ 
+  * Non-maintainer upload.
+  * Upgrade to latest config.sub and config.guess.  Closes: #88547
+ 
+ -- Gerhard Tonn <gt@debian.org>  Fri,  1 Jun 2001 20:38:43 +0200
+                                                              
+shadow (20000902-6) unstable; urgency=medium
+
+  * actually set root's password when appropriate
+    patch thanks to joeyh, closes #98402
+  * fix error in expiry man page.  Such damage. closes: #99291
+  * fix group of setgid program chage and expiry, closes: #98122
+
+ -- Karl Ramm <kcr@debian.org>  Thu, 31 May 2001 07:38:59 -0400
+
+shadow (20000902-5) unstable; urgency=low
+
+  * add build dependency on file, to keep libtool happy. closes: #97498
+
+ -- Karl Ramm <kcr@debian.org>  Wed, 16 May 2001 06:57:23 -0400
+
+shadow (20000902-4) unstable; urgency=low
+
+  * Change maintainers, closes: #92355
+
+ -- Karl Ramm <kcr@debian.org>  Sun, 13 May 2001 03:28:07 -0400
+
+shadow (20000902-3.1) unstable; urgency=low
+
+  * Non-maintainer upload
+  * Recompile to fix ARM lossage 
+
+ -- Philip Blundell <philb@armlinux.org>  Sun, 11 Mar 2001 07:47:27 -0500
+
+shadow (20000902-3) unstable; urgency=low
+
+  * Update config.sub and config.guess so ia64 compiled, closes: #81897
+  * libmisc/sub.c: skip '*' in shell name when doing subsystem, closes:
+    #82893
+  * src/su.c: don't assume uid 0 == "root", use getpwuid to fetch it,
+    closes: #81924
+  * This was fixed in a previous version, closes: #77057
+  * Update passwd long desc, closes: #88299
+  * Conflict with suidmanager << 0.5, and remove suid{,un}register calls,
+    closes: #87157
+  * Update policy to 3.5.0.0
+  * Added debconf support for passwd from base-config
+
+ -- Ben Collins <bcollins@debian.org>  Sat,  3 Mar 2001 07:26:57 -0500
+
+shadow (20000902-2) unstable frozen; urgency=low
+
+  * control.hurd->control.gnu: closes: #77940
+  * Cannot reproduce, closes: #79447
+  * User never sent a patch, plus I think removing the passwd/account when
+    doing passwd -l is a bad idea. Makes it so you cannot unlock the
+    account. closes: #77824
+  * Don't allow shadowconfig to change perms of other binaries, close: #77057
+  * IMO, this is not a bug. It's part of a feature, and can be disabled by
+    turning off USER_GROUPS. closes: #76806
+  * /bin/login is suid root for several good reasons. For one, it allows
+    daemons that use it to run as non-root. This is a good thing since it
+    means only one program is running as root, and not several. closes: #17911
+  * sulog is fairly easy to grep or parse so I don't see how the
+    similarity of the log entries for failed and successful is a problem.
+    '-' for failed, '+' for success. closes: #63801
+  * logoutd.8: s,/etc/utmp,/var/run/utmp, closes: #80494
+  * Fix case where pam_auth returns a NULL username, closes: #76817, #75510
+  * Hmm, Linux is a sysv derivative, so the comment is perfectly
+    legitimate, closes: #76898
+  * MAX_PASSWORD is used by useradd, and CHFN_AUTH is actually used by
+  * chfn to decide if the current user needs to auth in order to change
+    their info, closes: #71114
+  * login.1: Fix \' closes: #75435
+  * login -f works for me assuming you call it as root. I tested this with
+    plain pam_unix.so, and also with pam_unix.so stacked with pam_ldap.so.
+    So if it doesn't work with telnet-heimdal, then that program is not
+    doing something right. closes: #78186
+  * login.pam.d: made pam_nologin.so requisite. closes: #80111
+  * su to root seems pretty quick to me, closes: #64756
+  * xmalloc.c: remove decleration of malloc, which was causing system
+  * header conflicts. closes: #80398
+
+ -- Ben Collins <bcollins@debian.org>  Sun, 31 Dec 2000 14:33:47 -0500
+
+shadow (20000902-1) unstable frozen; urgency=low
+
+  * New upstream release, lots of Debian patches merged, closes: #72735
+  * man/passwd.1: removed reference to passwd(3), closes: #72704
+  * man/chsh.1,man/chfn.1: document login.defs affects on these programs,
+    closes: #68029
+  * not a bug, expected behavior, closes: #74137
+  * IMO, this is a bug in the user's setup, closes: #65600
+  * securetty: add devfs console devices, closes: #71946
+  * libmisc/sulog.c: removed arbitrary limit on number of chars printed of
+    the tty name (truncated to 6 chars, which is silly), closes: #65404
+  * tested this, and it works fine for me so long as pam_unix.so is called
+    with the nullok option (which it isn't by default because of security
+    concerns), closes: #75063
+  * appears to be fixed by PAM, closes: #70627
+  * src/useradd.c: user mkstemp instead of mktemp, per libc6 linktime
+    warning
+  * src/su.c: fixup arg handling passed to shell, closes: #75326
+
+ -- Ben Collins <bcollins@debian.org>  Mon, 23 Oct 2000 13:22:29 -0400
+
+shadow (19990827-21) unstable frozen; urgency=low
+
+  * Added build deps
+  * Use pre-generated files for hurd/linux control file. The old method of
+    using cpp would have broken with the new gcc.
+
+ -- Ben Collins <bcollins@debian.org>  Wed, 26 Jul 2000 21:04:03 -0400
+
+shadow (19990827-20) unstable frozen; urgency=low
+
+  * Release Manager
+    None of these are marked as RC in the BTS, however, they do make the
+    package unsuitable for release. Since this is an essential package (IOW,
+    installed on every Debian system), I hope you can see how important it
+    is to make sure this package is perfect. None of the changes are
+    functional (except the fix in logoutd's init script, which was a 20 char
+    change), so please consider this for the next test cycle.
+  * Fix logoutd init script from spurious output when /etc/porttime is not
+    there, closes: #63962, #64067
+  * su: Fix typo in usage output, closes: #60226
+  * passwd: Fixed typo and missing newline in output for successful password
+    change, closes: #64106, #63703
+  * passwd.1: Add documentation on the -f, -e, -s and -d command line
+    options, closes: #64339, #64410
+  * login: Verified that utmp/wtmp works when called by telnet with -h
+    option, closes: #56854
+
+ -- Ben Collins <bcollins@debian.org>  Tue, 23 May 2000 14:40:01 -0400
+
+shadow (19990827-19) unstable frozen; urgency=low
+
+  * debian/local/shells: added esh, closes: #59934
+  * logoutd: modify to work with pam_time.so's time.conf file, modify
+    manpage to reflect this, closes: #61300
+  * userdel.8: added note about group removal, closes: #56723
+  * base-config handles md5 setup, closes: #60125
+  * cppw: make sure it gets installed, closes: #62960
+  * passwd: correct error message for "not you", closes: #61313
+  * sulog.c: fixed extern for char (char foo[] -> char *foo), closes: #61643
+  * userdel.8: documented userdel's exit values, closes: #54775
+  * passwd: error messages are two fold, the second is actually from
+    pam_strerror(), closes: #61937
+  * passwd: print "success" on successful password change, closes: #58676
+
+ -- Ben Collins <bcollins@debian.org>  Sat, 29 Apr 2000 10:26:56 -0400
+
+shadow (19990827-18) unstable frozen; urgency=low
+
+  * Crap, all the bug fixes from -17 need to go to frozen too
+
+ -- Ben Collins <bcollins@debian.org>  Tue, 29 Feb 2000 14:57:14 -0500
+
+shadow (19990827-17) unstable; urgency=low
+
+  * Fixed typo in login.defs, closes: #54877
+  * logoutd.init.d: Check for /etc/security/time.conf, closes: #54900
+  * login.defs: Added note about the MAIL env option, closes: #54768
+  * login.pam.d,passwd.pam.d: Use new options in pam_unix.so to enable
+    obsure password checks. This mimics the old behavior in pre-PAM
+    shadow, closes: #58203
+  * Use patch from Topi Miettinen <tom@pluto.nic.fi> to add pam session
+    ability to su, closes: #57526, #55873, #57532
+  * Made login's -f option also able to use the username after -- if none
+    was passed as it's optarg, closes: #53702
+
+ -- Ben Collins <bcollins@debian.org>  Mon, 28 Feb 2000 12:37:22 -0500
+
+shadow (19990827-16) unstable; urgency=low
+
+  * got rid of g+s directories in the source tarball, closes: #54585
+  * make su mode 4755 in the package. This way there is no chance of a
+    failed dpkg install causing it to be left without suid root perms
+    before suidmanager or chmod is called in the postinst.
+  * src/login.c: added faillog support to the pam_authenticate loop. This
+    loop is now completely rewritten, and should produce better results on
+    failures, closes: #53164
+
+ -- Ben Collins <bcollins@debian.org>  Sun,  9 Jan 2000 23:35:08 -0500
+
+shadow (19990827-15) unstable; urgency=low
+
+  * src/su.c: moved signal() call to re-establish SIGINT to right place,
+    closes: #54496
+  * src/login.c: if hostname is blank (not a remote login via rlogin or
+    telnet), then use the tty to log failures in syslog, closes: #53966
+  * passwd: Locking a password by appending '!' appears to be pretty
+    standard, so ssh needs to check for it.
+  * passwd and login come with a README.pam that discusses the differences
+    between the PAM and old non-PAM versions. It also talks about where to
+    look for details. Also now that I have added the extra examples to the
+    pam.d files, I hope this satisfies...closes: #52917
+  * A new package, base-config, which will be used by boot floppies is
+    going to have an option to configure MD5 usage for passwords. Since
+    this is the best place for it, and I don't really have any control
+    over it, I am .... closes: #47620
+  * libmisc/chowntty.c: applied patch for read-only root, closes: #52069
+
+ -- Ben Collins <bcollins@debian.org>  Sat,  8 Jan 2000 22:11:29 -0500
+
+shadow (19990827-14) unstable; urgency=low
+
+  * debian/local/shells: added /bin/zsh, closes: #53883
+
+ -- Ben Collins <bcollins@debian.org>  Sun,  2 Jan 2000 13:51:42 -0500
+
+shadow (19990827-13) unstable; urgency=low
+
+  * su.c: ignore SIGINT while authenticating, closes: #52372
+  * su.pam.d: added 2 new examples of how to allow su for wheel users
+    without prompting for a password, and also how to deny users of a
+    specific group.
+
+ -- Ben Collins <bcollins@debian.org>  Sat,  1 Jan 2000 22:29:46 -0500
+
+shadow (19990827-12) unstable; urgency=low
+
+  * Recompiled against latest libpam and up'd the module deps,
+    closes: #52171
+  * login.pam.d: added "noenv" option so we don't clobber login's setting,
+    closes: #51441
+
+ -- Ben Collins <bcollins@debian.org>  Tue, 14 Dec 1999 22:41:40 -0500
+
+shadow (19990827-11) unstable; urgency=low
+
+  * debian/passwd.in: add a preinst (matches login's) to fix the latest
+    build change (only affected hurd since it doesn't use login).
+  * debian/scripts/passwd.mk: use passwd.preinst instead of login.preinst
+    to complete the fix above.
+
+ -- Ben Collins <bcollins@debian.org>  Mon,  6 Dec 1999 18:25:07 -0500
+
+shadow (19990827-10) unstable; urgency=low
+
+  * src/login.c: only set pam_fail_delay if > 0. Also make the default 0
+    so not defining it has the same affect as disabling it, closes: #51178
+  * src/userdel.c: make sure we remove the shadow group entries when
+    removing the users own group, closes: #50005, #50138
+
+ -- Ben Collins <bcollins@debian.org>  Fri, 26 Nov 1999 22:37:44 -0500
+
+shadow (19990827-9) unstable; urgency=low
+
+  * src/su.c: Fixed getopt parsing, and added a usage output
+  * man/su.1: minor typos
+
+ -- Ben Collins <bcollins@debian.org>  Mon,  8 Nov 1999 22:13:05 -0500
+
+shadow (19990827-8) unstable; urgency=low
+
+  * src/login.c: fixed loggin of username on succesful login (was using
+    the normal username, when it should have used pam_user),
+    closes: #47819
+  * src/login.c: check for hushed login and pass PAM_SILENT if true,
+    closes: #48002
+  * src/useradd.c: set def_shell to /bin/bash, closes: #48304
+  * doc/README.debian: add note about how to avoid issues with nscd's
+    lag in aging the cache, closes: #48629
+  * src/cppw.c: new program to assist copying a passwd/group file without
+    corruption, closes: #42141
+
+ -- Ben Collins <bcollins@debian.org>  Tue,  2 Nov 1999 21:46:28 -0500
+
+shadow (19990827-7) unstable; urgency=low
+
+  * {passwd,login}.pam.d: added blurb about how to use the pam_cracklib
+    module, and also changed it to use pam_unix and not pam_pwdb (gah!
+    how did that happen?), closes: #46983
+  * README.debian: changes to reflect new PAM usage aswell as removing
+    references to obsolete config files, closes: #46595
+  * passwd.expire.cron: example script that informs users by email when
+    their accounts are about to expire, closes: #41393
+  * lastlogin.c: added -h option and usage aswell as long option support,
+    closes: #45804
+  * shadow now only has 3 wishlist bugs and nothing else
+
+ -- Ben Collins <bcollins@debian.org>  Sat,  9 Oct 1999 11:54:16 -0400
+
+shadow (19990827-6) unstable; urgency=low
+
+  * debian/shells: new file, needed to include /bin/sash, closes: #45826
+  * useradd.8,groupadd.8: added note about the prefered use of adduser
+    and addgroup when conforming to Debian policy (taken from notes in
+    adduser's man pages), closes: #22821
+  * dialups.5: new man page that documents /etc/{dialups,d_passwd},
+    closes: #42212
+  * src/su.c: added -m, -p and -s command line options to match GNU options,
+    also documented in su(1), closes: #45394, #46424
+  * login.defs.5: clarified usage of TTYTYPE_FILE, closes: #23194
+  * login.pam.d: added pam_issue.so which replaces the old ISSUE_FILE from
+    login.defs, this also allows it to grok escapes in the issue file,
+    also increases the MODDEPS to (>= 0.69-10). By default this module is
+    not enabled, closes: #21044
+  * login.defs.pam.linux: added ISSUE_FILE to list of deprecated options
+
+ -- Ben Collins <bcollins@debian.org>  Mon,  4 Oct 1999 19:56:22 -0400
+
+shadow (19990827-5) unstable; urgency=low
+
+  * {login,su}.1: added description of a subsystem login, closes: #31987
+  * src/chowndir.c: fixed recursive chown's on usermod, also changed it
+    to use lchown and lstat since we actually want that, closes: #46405
+  * su.1: removed reference to suauth aswell as added "-c" to the SYNOPSIS,
+    closes: #45685
+  * login.1: added options to the SYNOPSIS and documented OPTIONS,
+    closes: #28763
+  * login.defs.5: documented the ENVIRON_FILE options (even though it's
+    not really used in the PAM version), close: #28786
+  * 010_src_gpasswd.c: new patch, fixes changing group passwords when not
+    using shadow groups, closes: #25919
+  * {chfn,chsh,login}.pam.d: added nullok to pam_unix.so auth line to
+    allow for passwordless accounts, closes: #46510
+  * login.pam.d: add "standard" to the pam_mail option so we get old
+    style "You have..." login messages.
+
+ -- Ben Collins <bcollins@debian.org>  Sun,  3 Oct 1999 13:41:53 -0400
+
+shadow (19990827-4) unstable; urgency=low
+
+  * Alright, we are really getting some usage from this now, and seeing
+    some odd ball setups, so it means more work for me, but more stable
+    and feature filled software for you :)
+  * debian/{login,su}.pam.d: Fixed spelling errors, closes: #45234, #45235
+  * debian/login.pam.d: Added commented pam_access.so reference and
+    description, closes: #45241
+  * src/login.c: moved usage of setup_uid_gid() when PAM is enabled or
+    pam_groups.so's groups get clobbered
+  * src/newgrp.c: don't call sanitize_env() and also make sure we don't
+    check passwords when the user is trying to get back to their default
+    group, closes: #22244
+  * Closed some other bugs that were either not really bugs, or they weren't
+    reproducable.
+  * debian/login.pam.d: moved around the pam_motd and pam_mail modules to
+    order them the same as old login would have done
+
+ -- Ben Collins <bcollins@debian.org>  Sun, 19 Sep 1999 19:42:13 -0400
+
+shadow (19990827-3) unstable; urgency=low
+
+  * This is a "Sit down and really fix some bugs" update. I'm going through
+    the ones that really need some work.
+  * src/vipw.c: use the system() call to invoke the editor so that it accepts
+    command line args in the EDITOR and VISUAL environment vars, closes: #31029
+  * src/userdel.c: added code to remove user groups (of the same name) if there
+    were no members left and USERGROUPS_ENAB is set to yes, closes: #35046
+  * login.defs: documented above change
+  * {login,passwd}.postinst: fixed some bashisms, closes: #45159
+  * login.defs.pam.linux: documented the FAKE_SHELL option, closes: 31987
+  * su.1,login.1: documented the subsystem root ability in login and su, closes: 
+  * doc directory for both packages now includes the README.shadow-paper file
+    closes: #15391
+
+ -- Ben Collins <bcollins@debian.org>  Sun, 19 Sep 1999 15:49:11 -0400
+
+shadow (19990827-2) unstable; urgency=low
+
+  * debian/rules: use "$(CC) -E" instead of "cpp" to make it easier to
+    cross compile for Hurd (requested by Marcus Brinkman).
+  * debian/login.pam.d: forgot to remove that comment about login not
+    being PAMified, it is and works fine.
+  * src/login.c: Added login.defs option to turn on and off the persistent
+    login, also give note on when it isn't and is needed in login.defs.
+  * lib/getdef.c: Added CLOSE_SESSIONS for above code.
+  * man/login.defs.5: document the new CLOSE_SESSION option for login
+  * logoutd: disabled until I can fix it to grok /etc/security/time.conf
+
+ -- Ben Collins <bcollins@debian.org>  Mon, 13 Sep 1999 18:57:47 -0400
+
+shadow (19990827-1) unstable; urgency=low
+
+  * New Maintainer, with Guy's consent.
+    closes: #22296, #22331 (closed some NMU bug reports)
+  * New upstream release, closes: #15879, #24712, #25739, #28785, #32991
+    closes: #38672, #39933, #41060, #42480, #22534, #12690, #36150, #26412
+    closes: #40398, #43750
+  * Ok, now for some dusting and house cleaning (aka The Bug Killfile
+    Begins Here):
+  %%- login package
+    - Not a bug in login anymore, closes: #28098
+    - No longer pertinent, and is not controlled by the login program,
+      closes: #23155
+    - This does not appear to be a bug anymore, closes: #32424
+    - This is not a login problem. Xterm itself prints the LOGIN message
+      and it does _not_ read login.access, closes: #16958
+    - Seems to be fixed, closes: #28098
+    - Huge list of "Fixed" bugs, that I want to close. I really need to
+      start with a clean slate in order to get some of this cleaned up,
+      closes: #3439, #11443, #13485, #13815, #15176, #15998, #16187, #17529
+      closes: #17532, #17532, #18133, #18225, #20052, #20876, #21280, #21357
+      closes: #21687, #21695, #21746, #21767, #22716, #24710
+    - lastlog(8): Clarified differences in the usage of "login-name" and
+      UID, closes: #26727
+  %%- passwd package
+    - newuser: appears to be working correctly and placing x, not !,
+      closes: #19620
+    - userdel(8): added note about user's mail spool also being deleted,
+      closes: #20790
+    - Can't reproduce this one, closes: #21639
+    -  -e expire_date
+          The  date  on  which  the user account will be dis-
+          abled.   The  date  is  specified  in  the   format
+          MM/DD/YY.
+      Bug filer was trying to use an integer instead of the documented
+      format, closes: #22533
+    - chfn's command line options seem to work for root and non-root,
+      closes: #25396
+    - seems to have been fixed by the latest upstream, #25670
+    - Removed references to shadow(3), closes: #32859
+    - passwd only saves first 8 chars...duh :) closes: #33368
+    - userdel can only do so much, the admin should know to check some
+      things on their own, closes: #35418
+    - Lot's of Y2K issues fixed in this release, closes: #37232
+    - useradd requires the -m option to make it create a home directory
+      if one does not exist, closes: #39581
+    - useradd's -p option requires the password to already be encrypted
+      as documented in useradd(8), closes: #39870, #39874
+    - More "Fixed" bugs in passwd, closes: #13753, #16893, #17894, #18132
+      closes: #18628, #12691
+  %%- su (no longer a package, but has bugs just the same, will be
+      forwarded to the login package soon)
+    - Sorry, but su (all su's) invoke the shell with -c "cmd". This is
+      documented, not a bug, it's a standard interface that su expects,
+      go fix sash's bug for not supporting it, closes: #14551
+    - Acknoledged NMU: closes: #20058
+    - More "Fixed" bugs getting closed...CLOSED AT LAST, closes: #17593
+      closes: #20057, #12689
+  * Switched to a new build setup (dbs)
+  * Split makes into seperate files to make it a little cleaner
+  * FHS compliance changes (usr/{doc,man} to usr/share/{doc,man})
+  * debian/tar.c: removed
+  * su: su is now going to be provided by shadow's login package and
+    removed from shellutils (the shellutils maintainer agreed to this)
+    in preperation for future PAM support. Added conflicts with older
+    version of shellutils that does provide the su binary.
+  * debian/control.in: removed the secure-su package since login now
+    contains su and all of it's components
+  * debian/control.in: modified the package descriptions to be a little
+    more explicative of what they do.
+  * Upgraded standards version to 3.0.1.1
+  * Setup suidmanager support for all +s apps, closes: #15705, #15704, #15699
+  * Enabled PAM. Support now for su, passwd, chfn, chsh. I am working on the
+    support in login.
+  * expiry: Changed to be installed as sgid shadow instead of suid root
+    since it doesn't need root priviledges. Also added man page expiry(1) based
+    on the comments found in expiry.c.
+  * Removed bashism's in control scripts. Now lintian clean (smells fresh too)
+  * chage.c: Keep chage from locking when not running as root, since it just
+    needs to read the shadow and password files. This let's it run sgid shadow
+    instead of suid root. When run as root, it can lock files for editing.
+  * login.c: Pam support Works For Me(tm)!
+  * login.c: Fixed PAM's auth when PAM_USER was not set from the command line,
+    also call pam_fail_delay() with FAIL_DELAY as the arg before authentication.
+  * etc/login.defs.pam.linux: new file, reflects options that PAM takesover
+  * etc/login.defs.pam.hurd: new file, same for Hurd
+  * debian/passwd.mk: make sure that login.defs.5 get's installed for Hurd
+  * pam.d/: Modified defaults for each service to reflect the old style and also
+    added commented options on how to enable obsoleted options from login.defs
+    in the PAM Way(tm).
+  * debian/rules: removed --disable-desrpc from configure options since it was
+    supposedly just a workaround for glibc 2.0
+  * src/login.c: reset pam_fail_delay after every failure
+  * debian/rules: remove debian/files on clean target
+  * src/login.c: removed setup_limits() and check_nologin() usage when PAM is
+    enabled
+  * debian/login.pam.d,debian/login.defs.pam.linux: made notes about the pam_limits.so
+    module, as well as pam_nologin.so
+  * debian/su.pam.d: made notes about pam_limits.so module
+  * debian/control.in: removed depends on libpam-motd since it is now in libpam-modules,
+    also make login conflict with secure-su
+  * debian/*: setup so that Hurd does not get PAM, since they don't have it ported
+    completely yet.
+  * debian/*: Final approach to a final upload, modified login.postinst to check old
+    obsolete conffiles to see if the user needs a notice that they are no longer used.
+
+ -- Ben Collins <bcollins@debian.org>  Sat, 11 Sep 1999 19:58:14 -0400
+
+shadow (980403-0.3.3) unstable; urgency=low
+
+  * Non maintainer upload.
+  * Add dpkg-architecture and cross compilation support to the package.
+  * Changes for the Hurd:
+    + Only build passwd, add etc/login.defs.hurd to this package.
+    + libmisc/rlogin.c: Conditionalize CBAUD, which is not portable.
+
+ -- Marcus Brinkmann <brinkmd@debian.org>  Thu,  5 Aug 1999 00:28:12 +0200
+
+shadow (980403-0.3.2) unstable; urgency=low
+
+  * configure.in patched for utmpx.h (for arm)
+  
+ -- Jim Pick <jim@jimpick.com>  Sun,  4 Oct 1998 19:06:15 -0700
+
+shadow (980403-0.3.1) frozen unstable; urgency=low
+
+  * Non maintainer upload.
+    changes.{guess,sub} changed to recognize a Arm architecture.
+
+ -- Turbo Fredriksson <turbo@debian.org>  Fri, 14 Aug 1998 22:37:58 -0400
+
+shadow (980403-0.3) frozen unstable; urgency=high
+
+  * Non maintainer upload.
+  * src/login.c: Applied patch from <marekm@i17linuxb.ists.pwr.wroc.pl> to
+    fix security hole of login not checking the return code from setgid(),
+    initgroups() or setuid(). [#24710]
+
+ -- James Troup <james@nocrew.org>  Fri, 17 Jul 1998 18:56:31 +0100
+
+shadow (980403-0.2) frozen unstable; urgency=low
+
+  * (login.defs): fixed UMASK
+    (thanks to James Troup for noticing my screwup :)
+  * Pruned non-Debian changelog entries.
+
+ -- Joel Klecker <jk@espy.org>  Mon, 11 May 1998 11:25:22 -0700
+
+shadow (980403-0.1) frozen unstable; urgency=low
+  
+  * Non-maintainer release.
+  * New upstream release (18225).
+  * (debian/login.postinst)
+    * Use 'touch' instead of 'cat >' when creating /var/log/faillog
+      (15998,16187,21687).
+    * No longer fails if no previous configured version exists (11433).
+  * (gpasswd): now checks which user invoked it before calling setuid() (18132).
+  * (debian/passwd.postinst): removed bashism (13753).
+  * (groupmod): NULL dereference fixed upstream, as a result, it no longer
+    dumps core when changing group name (16893,17894).
+  * (useradd): no longer segfaults if /etc/default/useradd is missing (18628).
+  * (login.defs.1): now documents more options (13485).
+  * (source): includes 'missing' (13815,18133,21280).
+  * (login.1):
+    * Removed mention of "d_passwd(5)", which doesn't exist,
+      and login.defs.5 now documents /etc/dialups (15176).
+    * Added /etc/nologin to FILES section and reference nologin(5) (21695).
+  * The URL mentioned in Bug#15391 is no longer valid.
+  * (login.defs): no longer sets ULIMIT (17529).
+  * (login):
+    * No longer uses static buffers for group lines (17532).
+    * Doesn't seem to make assumptions about gid_t any longer (21767).
+  * (faillog.8): s-/usr/adm-/var/log-g (19974).
+  * (lastlog.8): notes that "some systems" use /var/log instead of
+    /usr/adm (21746).
+  * Install upstream changelog as 'changelog.gz' as per policy (20052).
+  * (secure-su): Changed /etc/suauth to reference the group 'root'
+    instead of 'wheel' (17593).
+  
+ -- Joel Klecker <jk@espy.org>  Thu, 30 Apr 1998 18:32:12 -0700
+
+shadow (970616-1) unstable; urgency=low
+
+  * Upstream upgrade.
+  * chage works (10561).
+  * Fix NIS behavior (5634,8734,10032,10545,10984,11160,12064).
+  * Wrote pwconv,pwunconv,grpconv,grpunconv manpage (10940).
+  * vipw fixes (10521,10696,11618,11924,12184,13001)
+  * Fixes for new automake.
+  * Compile with glibc2. (8627,8777,9824,11713,11719,12082,12108,11442).
+  * debian/rules fixes (8876,12468).
+  * /etc/login.defs: UMASK=002 (9102).
+  * chown /dev/vcs* on login (9421,13255).
+  * Added tty9-tty12 to /etc/securetty (11644).
+  * Provide template and manpage for /etc/limits (12289).
+  * Fix security hole in postinst (11769).
+  * login fills out ut_addr field in utmp (10701).
+  * shadowconfig.sh fixes (9189,9328,9386,10968,12452,12469).
+  * Overcome postinst bug in old shadow-passwd package (9939,12120).
+  * useradd default GROUP=100 (9244).
+  * Allow 8 bit chars in chfn (12367).
+  * secure-su - set HOME, use SHELL if set (11003,11189).
+
+ -- Guy Maor <maor@ece.utexas.edu>  Fri, 26 Sep 1997 19:23:42 -0500
+
+shadow (970616) unstable; urgency=low
+
+  * vipw preserves permissions on edited files (10521).
+  * various other bug fixes.
+
+ -- Marek Michalkiewicz <marekm@piast.t19.ds.pwr.wroc.pl>  Mon, 16 Jun 1997 02:02:00 +0200
+
+shadow (970601) unstable; urgency=low
+
+  * Fix typo in libmisc/mail.c causing login to segfault.
+
+ -- Marek Michalkiewicz <marekm@piast.t19.ds.pwr.wroc.pl>  Mon,  2 Jun 1997 07:33:00 +0200
+
+shadow (970502-2) unstable; urgency=low
+
+  * Fixes to shadow group support (grpconv didn't work).
+
+ -- Marek Michalkiewicz <marekm@piast.t19.ds.pwr.wroc.pl>  Fri,  2 May 1997 15:48:00 +0200
+
+shadow (970502-1) unstable; urgency=low
+
+  * Upstream upgrade.
+
+ -- Marek Michalkiewicz <marekm@piast.t19.ds.pwr.wroc.pl>  Fri,  2 May 1997 03:18:00 +0200
+
+shadow (961025-2) frozen unstable; urgency=medium
+
+  * Fix useradd -D segfault (8098, 8152, 8733).
+  * Fix shadowconfig - permfix only on xlock; /etc/init.d/xdm rewrite, chmod
+    (8102, 8320, 8333, 8708).
+  * Remove HOWTO from usr/doc/passwd as it's in linux-doc (8150).
+  * Fixes to su.1 (8153).
+  * login, passwd, su each conflict and replace with the old shadow-*
+    version. (8269, 8290, 8393, 8394).
+  * Put /etc/shells back in passwd (8328).
+  * Fixed login.postinst for upgrade from shadow-login (8392).
+  * Added -e to pwck for use in shadowconfig: reports only errors, no
+    warnings (8542).
+  * Wrote shadowconfig.8 (8588).
+
+ -- Guy Maor <maor@ece.utexas.edu>  Sat, 19 Apr 1997 02:34:59 -0500
+
+shadow (961025-1) unstable; urgency=low
+  
+  * Upstream upgrade, new source format.
+
+ -- Guy Maor <maor@ece.utexas.edu>  Mon, 10 Feb 1997 02:56:56 -0600
+
+shadow (960530-1) experimental; urgency=LOW
+
+  * Added grpunconv script
+  * Changed prerm/postinst scripts to remove/create shadowed group
+    file
+  * Added vipw/vigr binaries
+  * Renamed package to shadow-passwd
+  * Added packages shadow-su and shadow-login
+  * Added 'Essential: yes' to be able to replace passwd and login
+  * Section now base for shadow-passwd and shadow-login
+  * Added /etc/shell conffile
+  * Added /etc/securetty conffile
+  * Added new conffile /etc/suauth. Set it up so only users in group 0
+    can su to root.
+
+ -- Unknown <unknown@debian.org>  Mon, 01 Jul 1996 00:00:00 +0000
+
+shadow (960810-1) base; urgency=LOW
+
+  * Added useradd default file so that default group is no longer 1
+  * Also corrected the useradd manpage
+  * Replaced grpunconv script by real binary which does correct
+    locking.
+  * Added 'source' field control file to control files
+  * Changed version naming in debian.rules
+  * New upstream version
+
+ -- Unknown <unknown@debian.org>  Mon, 01 Jan 1996 00:00:00 +0000
+
--- shadow-4.0.18.1.orig/debian/login.links
+++ shadow-4.0.18.1/debian/login.links
@@ -0,0 +1 @@
+usr/bin/newgrp usr/bin/sg
--- shadow-4.0.18.1.orig/debian/securetty.hurd
+++ shadow-4.0.18.1/debian/securetty.hurd
@@ -0,0 +1,71 @@
+# /etc/securetty: list of terminals on which root is allowed to login.
+# See securetty(5) and login(1).
+console
+
+# for people with serial port consoles
+com0
+
+# Standard consoles
+tty1
+tty2
+tty3
+tty4
+tty5
+tty6
+tty7
+tty8
+tty9
+tty10
+tty11
+tty12
+tty13
+tty14
+tty15
+tty16
+tty17
+tty18
+tty19
+tty20
+tty21
+tty22
+tty23
+tty24
+tty25
+tty26
+tty27
+tty28
+tty29
+tty30
+tty31
+tty32
+tty33
+tty34
+tty35
+tty36
+tty37
+tty38
+tty39
+tty40
+tty41
+tty42
+tty43
+tty44
+tty45
+tty46
+tty47
+tty48
+tty49
+tty50
+tty51
+tty52
+tty53
+tty54
+tty55
+tty56
+tty57
+tty58
+tty59
+tty60
+tty61
+tty62
+tty63
--- shadow-4.0.18.1.orig/debian/rules
+++ shadow-4.0.18.1/debian/rules
@@ -0,0 +1,98 @@
+#!/usr/bin/make -f
+# -*- mode: makefile; coding: utf-8 -*-
+
+DEB_HOST_ARCH_OS := $(shell dpkg-architecture -qDEB_HOST_ARCH_OS)
+
+ifeq ($(DEB_HOST_ARCH_OS),hurd)
+# Do not build login on The Hurd
+override DEB_ARCH_PACKAGES=passwd
+endif
+
+include /usr/share/cdbs/1/rules/debhelper.mk
+# Specify where dh_install will find the files that it needs to move:
+DEB_DH_INSTALL_SOURCEDIR=debian/tmp
+# Specify the destination of shadow's "make install"
+# (This is only needed on The Hurd, where only one package is built. On
+# the other arch, DEB_DESTDIR already points to debian/tmp)
+DEB_DESTDIR=$(CURDIR)/debian/tmp
+
+include /usr/share/cdbs/1/class/autotools.mk
+# Automatically update autoconf, etc.
+DEB_AUTO_UPDATE_ACLOCAL  = 1.9
+DEB_AUTO_UPDATE_AUTOCONF = 1.9
+DEB_AUTO_UPDATE_AUTOMAKE = 1.9
+
+# Adds extra options when calling the configure script:
+DEB_CONFIGURE_EXTRA_FLAGS := --disable-shared --without-libcrack --mandir=/usr/share/man --with-libpam --enable-shadowgrp --enable-man
+ifneq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE))
+  DEB_CONFIGURE_EXTRA_FLAGS += --host=$(DEB_HOST_GNU_TYPE)
+endif
+
+# Automatically controls patching at build time:
+include /usr/share/cdbs/1/rules/patchsys-quilt.mk
+
+CFLAGS = -g -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
+  CFLAGS += -O0
+else
+  CFLAGS += -O2
+endif
+export CFLAGS
+
+# Add extras to the install process:
+binary-install/login::
+	dh_installpam -p login
+	dh_installpam -p login --name=su
+	install -c -m 444 debian/login.defs debian/login/etc/login.defs
+	install -c -m 444 debian/securetty.$(DEB_HOST_ARCH_OS) debian/login/etc/securetty
+	# Lintian and Linda overrides
+	install -c -m 444  debian/login.lintian-overrides debian/login/usr/share/lintian/overrides/login
+	install -c -m 444  debian/login.linda-overrides debian/login/usr/share/linda/overrides/login
+	/bin/sh ./debian/recode_manpages.sh login
+
+binary-install/passwd::
+	install -c -m 444 man/shadowconfig.8 debian/passwd/usr/share/man/man8
+	install -c -m 444 man/ja/shadowconfig.8 debian/passwd/usr/share/man/ja/man8
+	install -c -m 444 man/pl/shadowconfig.8 debian/passwd/usr/share/man/pl/man8
+	install -c -m 444 man/fr/shadowconfig.8 debian/passwd/usr/share/man/fr/man8
+	# Distribute the pam.d files; unless for the commands with disabled PAM
+	# support (see patch 404_undef_USE_PAM.dpatch)
+	dh_installpam -p passwd --name=passwd
+	dh_installpam -p passwd --name=chfn
+	dh_installpam -p passwd --name=chsh
+ifeq ($(DEB_HOST_ARCH_OS),hurd)
+# login is not built on The Hurd, but some utilities of passwd depends on
+# /etc/login.defs.
+	install -c -m 444 debian/login.defs debian/passwd/etc/login.defs
+endif
+	install -c -m 644 debian/useradd.default debian/passwd/etc/default/useradd
+	install -d debian/passwd/sbin
+	install -c -m 555 debian/shadowconfig.sh debian/passwd/sbin/shadowconfig
+	install -c -m 444 debian/cpgr.8 debian/passwd/usr/share/man/man8
+	install -c -m 444 debian/cppw.8 debian/passwd/usr/share/man/man8
+	# Lintian overrides files
+	install -c -m 444  debian/passwd.lintian-overrides debian/passwd/usr/share/lintian/overrides/passwd
+	# Linda overrides files
+	install -c -m 444  debian/passwd.linda-overrides debian/passwd/usr/share/linda/overrides/passwd
+	/bin/sh ./debian/recode_manpages.sh passwd
+
+binary-predeb/login::
+	# No real need for login to be setuid root
+	# chmod u+s debian/login/bin/login
+	chmod u+s debian/login/bin/su
+	chmod u+s debian/login/usr/bin/newgrp
+
+binary-predeb/passwd::
+	chmod u+s debian/passwd/usr/bin/chfn
+	chmod u+s debian/passwd/usr/bin/chsh
+	chmod u+s debian/passwd/usr/bin/gpasswd
+	chmod u+s debian/passwd/usr/bin/passwd
+	chgrp shadow debian/passwd/usr/bin/chage
+	chgrp shadow debian/passwd/usr/bin/expiry
+	chmod g+s debian/passwd/usr/bin/chage
+	chmod g+s debian/passwd/usr/bin/expiry
+ifeq ($(DEB_HOST_ARCH_OS),hurd)
+	echo "loginpam=login, libpam-modules (>= 0.72-5)" >> debian/passwd.substvars
+else
+	echo "loginpam=login (>= 970502-1), libpam-modules (>= 0.72-5)" >> debian/passwd.substvars
+endif
--- shadow-4.0.18.1.orig/debian/passwd.expire.cron
+++ shadow-4.0.18.1/debian/passwd.expire.cron
@@ -0,0 +1,57 @@
+#!/usr/bin/perl
+#
+# passwd.expire.cron: sample expiry notification script for use as a cronjob
+#
+# Copyright 1999 by Ben Collins <bcollins@debian.org>, complete rights granted
+# for use, distribution, modification, etc.
+#
+# Usage:
+#	edit the listed options, including the actual email, then rename to
+#	/etc/cron.daily/passwd
+#
+#	If your users don't have a valid login shell (ie. they are ftp or mail
+#	users only), they will need some other way to change their password
+#	(telnet will work since login will handle password aging, or a poppasswd
+#	program, if they are mail users).
+
+# <CONFIG> #
+
+# should be same as /etc/adduser.conf
+$LOW_UID=1000;
+$HIGH_UID=29999;
+
+# this let's the MTA handle the domain,
+# set it manually if you want. Make sure
+# you also add the @ like "\@domain.com"
+$MAIL_DOM="";
+
+# </CONFIG> #
+
+# Set the current day reference
+$curdays = int(time() / (60 * 60 * 24));
+
+# Now go through the list
+
+open(SH, "< /etc/shadow");
+while (<SH>) {
+    @shent = split(':', $_);
+    @userent = getpwnam($shent[0]);
+    if ($userent[2] >= $LOW_UID && $userent[2] <= $HIGH_UID) {
+	if ($curdays > $shent[2] + $shent[4] - $shent[5] &&
+		$shent[4] != -1 && $shent[4] != 0 &&
+		$shent[5] != -1 && $shent[5] != 0) {
+	    $daysleft = ($shent[2] + $shent[4]) - $curdays;
+	    if ($daysleft == 1) { $days = "day"; } else {$days = "days"; }
+            if ($daysleft < 0) { next; }
+	    open (MAIL, "| mail -s '[WARNING] account will expire in $daysleft $days' $shent[0]${MAIL_DOM}");
+	    print MAIL <<EOF;
+Your account will expire in $daysleft $days. Please change your password before
+then or your account will expire
+EOF
+	    close (MAIL);
+	    # This makes sure we also get a list of almost expired users
+	    print "$shent[0]'s account will expire in $daysleft days\n";
+	}
+    }
+    @userent = getpwent();
+}
--- shadow-4.0.18.1.orig/debian/passwd.dirs
+++ shadow-4.0.18.1/debian/passwd.dirs
@@ -0,0 +1,3 @@
+usr/share/lintian/overrides
+usr/share/linda/overrides
+etc/default
--- shadow-4.0.18.1.orig/debian/passwd.chsh.pam
+++ shadow-4.0.18.1/debian/passwd.chsh.pam
@@ -0,0 +1,20 @@
+#
+# The PAM configuration file for the Shadow `chsh' service
+#
+
+# This will not allow a user to change their shell unless
+# their current one is listed in /etc/shells. This keeps
+# accounts with special shells from changing them.
+auth       required   pam_shells.so
+
+# This allows root to change user shell without being
+# prompted for a password
+auth		sufficient	pam_rootok.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
--- shadow-4.0.18.1.orig/debian/passwd.install
+++ shadow-4.0.18.1/debian/passwd.install
@@ -0,0 +1,74 @@
+usr/bin/chage
+usr/bin/chfn
+usr/bin/chsh
+usr/bin/expiry
+usr/bin/gpasswd
+usr/bin/passwd
+usr/sbin/chpasswd
+usr/sbin/chgpasswd
+usr/sbin/cppw
+usr/sbin/groupadd
+usr/sbin/groupdel
+usr/sbin/groupmod
+usr/sbin/grpck
+usr/sbin/grpconv
+usr/sbin/grpunconv
+usr/sbin/newusers
+usr/sbin/pwck
+usr/sbin/pwconv
+usr/sbin/pwunconv
+usr/sbin/useradd
+usr/sbin/userdel
+usr/sbin/usermod
+usr/sbin/vipw
+usr/share/man/*/man1/chage.1
+usr/share/man/*/man1/chfn.1
+usr/share/man/*/man1/chsh.1
+usr/share/man/*/man1/expiry.1
+usr/share/man/*/man1/gpasswd.1
+usr/share/man/*/man1/passwd.1
+usr/share/man/*/man5/passwd.5
+usr/share/man/*/man5/shadow.5
+usr/share/man/*/man5/gshadow.5
+usr/share/man/*/man8/chpasswd.8
+usr/share/man/*/man8/groupadd.8
+usr/share/man/*/man8/groupdel.8
+usr/share/man/*/man8/groupmod.8
+usr/share/man/*/man8/grpck.8
+usr/share/man/*/man8/grpconv.8
+usr/share/man/*/man8/grpunconv.8
+usr/share/man/*/man8/newusers.8
+usr/share/man/*/man8/pwck.8
+usr/share/man/*/man8/pwconv.8
+usr/share/man/*/man8/pwunconv.8
+usr/share/man/*/man8/useradd.8
+usr/share/man/*/man8/userdel.8
+usr/share/man/*/man8/usermod.8
+usr/share/man/*/man8/vigr.8
+usr/share/man/*/man8/vipw.8
+usr/share/man/man1/chage.1
+usr/share/man/man1/chfn.1
+usr/share/man/man1/chsh.1
+usr/share/man/man1/expiry.1
+usr/share/man/man1/gpasswd.1
+usr/share/man/man1/passwd.1
+usr/share/man/man5/passwd.5
+usr/share/man/man5/shadow.5
+usr/share/man/man5/gshadow.5
+usr/share/man/man8/chgpasswd.8
+usr/share/man/man8/chpasswd.8
+usr/share/man/man8/groupadd.8
+usr/share/man/man8/groupdel.8
+usr/share/man/man8/groupmod.8
+usr/share/man/man8/grpck.8
+usr/share/man/man8/grpconv.8
+usr/share/man/man8/grpunconv.8
+usr/share/man/man8/newusers.8
+usr/share/man/man8/pwck.8
+usr/share/man/man8/pwconv.8
+usr/share/man/man8/pwunconv.8
+usr/share/man/man8/useradd.8
+usr/share/man/man8/userdel.8
+usr/share/man/man8/usermod.8
+usr/share/man/man8/vigr.8
+usr/share/man/man8/vipw.8
--- shadow-4.0.18.1.orig/debian/copyright
+++ shadow-4.0.18.1/debian/copyright
@@ -0,0 +1,103 @@
+This is Debian GNU/Linux's prepackaged version of the shadow utilities.
+
+It was downloaded from: <ftp://ftp.pld.org.pl/software/shadow/>. 
+As of May 2007, this site is no longer available.
+
+Copyright:
+
+Parts of this software are copyright 1988 - 1994, Julianne Frances Haugh.
+All rights reserved.
+
+Parts of this software are copyright 1997 - 2001, Marek Michałkiewicz.
+All rights reserved.
+
+Parts of this software are copyright 2001 - 2004, Andrzej Krzysztofowicz
+All rights reserved.
+
+Parts of this software are copyright 2000 - 2007, Tomasz Kłoczko.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+3. Neither the name of Julianne F. Haugh nor the names of its contributors
+   may be used to endorse or promote products derived from this software
+   without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+This source code is currently archived on ftp.uu.net in the
+comp.sources.misc portion of the USENET archives.  You may also contact
+the author, Julianne F. Haugh, at jockgrrl@ix.netcom.com if you have
+any questions regarding this package.
+
+THIS SOFTWARE IS BEING DISTRIBUTED AS-IS.  THE AUTHORS DISCLAIM ALL
+LIABILITY FOR ANY CONSEQUENCES OF USE.  THE USER IS SOLELY RESPONSIBLE
+FOR THE MAINTENANCE OF THIS SOFTWARE PACKAGE.  THE AUTHORS ARE UNDER NO
+OBLIGATION TO PROVIDE MODIFICATIONS OR IMPROVEMENTS.  THE USER IS
+ENCOURAGED TO TAKE ANY AND ALL STEPS NEEDED TO PROTECT AGAINST ACCIDENTAL
+LOSS OF INFORMATION OR MACHINE RESOURCES.
+
+Special thanks are due to Chip Rosenthal for his fine testing efforts;
+to Steve Simmons for his work in porting this code to BSD; and to Bill
+Kennedy for his contributions of LaserJet printer time and energies.
+Also, thanks for Dennis L. Mumaugh for the initial shadow password
+information and to Tony Walton (olapw@olgb1.oliv.co.uk) for the System
+V Release 4 changes.  Effort in porting to SunOS has been contributed
+by Dr. Michael Newberry (miken@cs.adfa.oz.au) and Micheal J. Miller, Jr.
+(mke@kaberd.rain.com).  Effort in porting to AT&T UNIX System V Release
+4 has been provided by Andrew Herbert (andrew@werple.pub.uu.oz.au).
+Special thanks to Marek Michalkiewicz (marekm@i17linuxb.ists.pwr.wroc.pl)
+for taking over the Linux port of this software.
+
+Source files: login_access.c, login_desrpc.c, login_krb.c are derived
+from the logdaemon-5.0 package, which is under the following license:
+
+/************************************************************************
+* Copyright 1995 by Wietse Venema.  All rights reserved. Individual files
+* may be covered by other copyrights (as noted in the file itself.)
+*
+* This material was originally written and compiled by Wietse Venema at
+* Eindhoven University of Technology, The Netherlands, in 1990, 1991,
+* 1992, 1993, 1994 and 1995.
+*
+* Redistribution and use in source and binary forms are permitted
+* provided that this entire copyright notice is duplicated in all such
+* copies.  
+*
+* This software is provided "as is" and without any expressed or implied
+* warranties, including, without limitation, the implied warranties of
+* merchantibility and fitness for any particular purpose.
+************************************************************************/
+
+Some parts substantially in src/su.c derived from an ancestor of
+su for GNU.  Run a shell with substitute user and group IDs.
+Copyright (C) 1992-2003 Free Software Foundation, Inc.
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2, or (at your option)
+   any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   On Debian GNU/Linux systems, the complete text of the GNU General Public
+   License can be found in '/usr/share/common-licenses/GPL'