shadow/TODO

 * Create a common usage function that'd take the array of
   long options and an array of descriptions and output that so things would
   be standardized across the utils.
   Usage strings should be normalized and split first.
   Investigate optparse.


/etc/default/useradd
 * GROUP=1000 should accept a group name.

Check when RLOGIN is enabled if ruserok() exists

Move selinux_file_context out of libmisc/copydir.c

Review hardcoded root account?

review all call to strto

libmisc/cleanup_user.c
	cleanup needed (cleanup_report_add_user* not used)


libxcrypt support
 * http://wiki.linuxfromscratch.org/patches/browser/trunk/shadow/shadow-4.0.18.1-owl_blowfish-1.patch

implement getlong, getulong.
	avoid atoi, atol, atoul, strtol, strtoul, ...

manpages: comment the RLOGIN parts

Replace build_list (in lib/gshadow.c) and list (in lib/sgetgrent.c) by
comma_to_list()

Revert the modified files if all files could not be changed.
  * or warn and indicate which files were modified and which were not.
  * check the order the files are modified.

report nscd_flush_cache failures?
call nscd from the programs or from lib (commonio?)

PAM: check if a non-interactive conversation function could be used to set
the password in chpasswd and newusers

WITH_SELINUX
  - review all tools to check that the strategies are consistent

chage, chfn, chsh: same change needed as in passwd.
  - probably need moving check_selinux_access to a separate file.

testsuite
 - newgrp
   - test with unknown user's GID

newusers
 - add logging to SYSLOG & AUDIT
 - use CREATE_HOME
 - Add a -Z option (see useradd / usermod)

Document when/where option appeared, document whether an option is standard
or not.

Check all the expiry semantics

ALL:
- move base passwd/shadow/group/gshadow operation to module for allow write
  different backend modules for db, NIS, LDAP and others. Default backend it
  will be goot if will be chosen depending on /etc/nsswitch.conf and allow
  override this by -r <repository> options (where the <repository> can be
  file, db, nis nisplus, ldap .. like on /etc/nsswitch.conf in service column).
  passwd have old piece of code with handling -r option and it will be good
  finish this and propagate on other shadow tools for allow operate on other
  user databases by well known tools.
- Protect against signals. Register do_cleanups in a signal handler.

- login.defs
  - generate depending on configuration

- useradd:
  - add handle create user mail spool in maildir format.
  - Add support for -k in -D mode
  - Add support for -K in -D mode
  - Add option to create or not the mail spool (and set the default in -D
    mode)
  - Change -l to reset the entry if an entry was already there
  - set the mask in mkdir?

- userdel:
  - add backup option for the removal of user resources,
  - user_busy: check that the user is not running any processes.
  - missing "deleting group" FAILED
  - home dir removed, but userdel may fail and may leave the user
    => warning needed

- usermod
  - add an option equivalent to useradd's -l (only when uid is changed)
  - the mode of new home directories should be set according to the
    original mode. Does copy_tree does this?
  - user renamed, order is not kept in /etc/group (see
    47_usermod-l_no_shadow_file). This is a problem when the first user is
    considered as the admin.
  - see mail "user ID change" on  April, 15
    + fix call to chown (combination of -m and -u/-g)
    + add tests

- passwd:
  - check combination of options (e.g. -u/-l)
  - when -u refuse to unlock because it would create an empty password, it
    should not display "Password changed."
    exit instead?

- newgrp: check the USE_PAM section.

- pwck
  - Add check to move passwd passwords to shadow if there is a shadow
    entry (with a password).
  - Add check to move passwd passwords to shadow if there is a shadow
    file.
  - Support an alternative /etc/tcb directory as second parameter.
  - add options -g / -G to specify alternative group / gshadow files

- su
  - add a login.defs configuration parameter to add variables to keep in
    the environment with "su -l" (TERM/TERMCOLOR/...)

- vipw
  - set ACLs and XATTRs on the temporary file (and backups?)
  - vipw + selinux -> use lib/selinux.c
fix spelling and unify whitespace 2021-08-18 18:06:02 +00:00			`* Create a common usage function that'd take the array of`
Added new TODO item. 2009-09-05 20:26:09 +00:00			`long options and an array of descriptions and output that so things would`
			`be standardized across the utils.`
			`Usage strings should be normalized and split first.`
			`Investigate optparse.`


Added a TODO item for /etc/defautl/useradd 2009-07-23 19:40:53 +00:00			`/etc/default/useradd`
			`* GROUP=1000 should accept a group name.`

Added one todo item. 2009-07-23 19:40:00 +00:00			`Check when RLOGIN is enabled if ruserok() exists`

Added TODO item. 2009-04-11 16:24:06 +00:00			`Move selinux_file_context out of libmisc/copydir.c`

Added TODO entry. 2009-04-12 00:38:41 +00:00			`Review hardcoded root account?`

Added todo items. 2009-04-05 23:50:58 +00:00			`review all call to strto`

Added TODO items. 2009-03-15 21:38:46 +00:00			`libmisc/cleanup_user.c`
			`cleanup needed (cleanup_report_add_user* not used)`


Support for blowfish was requested twice. Add link to a patch for libxcrypt. 2008-09-06 22:52:35 +00:00			`libxcrypt support`
			`* http://wiki.linuxfromscratch.org/patches/browser/trunk/shadow/shadow-4.0.18.1-owl_blowfish-1.patch`

Updated TODO list. 2008-09-04 20:41:18 +00:00			`implement getlong, getulong.`
			`avoid atoi, atol, atoul, strtol, strtoul, ...`

			`manpages: comment the RLOGIN parts`

Added TODO items. Removed done items. 2008-08-31 17:30:37 +00:00			`Replace build_list (in lib/gshadow.c) and list (in lib/sgetgrent.c) by`
			`comma_to_list()`

			`Revert the modified files if all files could not be changed.`
			`* or warn and indicate which files were modified and which were not.`
			`* check the order the files are modified.`

Updated TODO file. Added entries: * all: report nscd_flush_cache failures? * groupmems: Add support for gshadow Removed entries: * groupmems: check reason for isgroup (function already removed) 2008-08-09 23:34:04 +00:00			`report nscd_flush_cache failures?`
Updated TODO list. 2008-09-04 20:41:18 +00:00			`call nscd from the programs or from lib (commonio?)`
Updated TODO file. Added entries: * all: report nscd_flush_cache failures? * groupmems: Add support for gshadow Removed entries: * groupmems: check reason for isgroup (function already removed) 2008-08-09 23:34:04 +00:00
Updated TODO list. 2008-09-04 20:41:18 +00:00			`PAM: check if a non-interactive conversation function could be used to set`
			`the password in chpasswd and newusers`
Added TODO items. 2008-05-23 20:47:45 +00:00
Add TODO items for SELINUX. 2008-04-02 21:42:04 +00:00			`WITH_SELINUX`
			`- review all tools to check that the strategies are consistent`

			`chage, chfn, chsh: same change needed as in passwd.`
			`- probably need moving check_selinux_access to a separate file.`

Add ideas for new tests in the testsuite. 2008-02-03 17:58:16 +00:00			`testsuite`
			`- newgrp`
			`- test with unknown user's GID`

New TODO item: - newusers: add logging to SYSLOG & AUDIT 2008-01-01 19:54:37 +00:00			`newusers`
			`- add logging to SYSLOG & AUDIT`
- newusers should use the CREATE_HOME variable (and new options are needed) - usermod - the mode of new home directories should be set according to the original mode. Does copy_tree does this? 2009-01-21 14:49:42 +00:00			`- use CREATE_HOME`
* NEWS, src/useradd.c, man/useradd.8.xml: add -Z option to map SELinux user for user's login. * NEWS, src/usermod.c, man/usermod.8.xml: Likewise. * libmisc/system.c, libmisc/Makefile.am, lib/prototypes.h: Added safe_system(). Used to run semanage. * lib/prototypes.h, libmisc/copydir.c: Make a selinux_file_context() an extern function. * libmisc/copydir.c: Reset SELinux to create files with default contexts at the end of copy_tree(). * NEWS, src/userdel.c: Delete the SELinux user mapping for user's login. 2009-04-11 15:34:10 +00:00			`- Add a -Z option (see useradd / usermod)`
New TODO item: - newusers: add logging to SYSLOG & AUDIT 2008-01-01 19:54:37 +00:00
The manpages should indicate how common options are. 2007-12-26 10:13:57 +00:00			`Document when/where option appeared, document whether an option is standard`
			`or not.`

New TODOs. 2007-11-27 19:45:36 +00:00			`Check all the expiry semantics`

[svn-upgrade] Integrating new upstream version, shadow (4.0.4) 2007-10-07 11:45:23 +00:00			`ALL:`
			`- move base passwd/shadow/group/gshadow operation to module for allow write`
Fix typos. 2007-11-17 16:33:33 +00:00			`different backend modules for db, NIS, LDAP and others. Default backend it`
			`will be goot if will be chosen depending on /etc/nsswitch.conf and allow`
			`override this by -r <repository> options (where the <repository> can be`
[svn-upgrade] Integrating new upstream version, shadow (4.0.8) 2007-10-07 11:46:07 +00:00			`file, db, nis nisplus, ldap .. like on /etc/nsswitch.conf in service column).`
[svn-upgrade] Integrating new upstream version, shadow (4.0.4) 2007-10-07 11:45:23 +00:00			`passwd have old piece of code with handling -r option and it will be good`
			`finish this and propagate on other shadow tools for allow operate on other`
			`user databases by well known tools.`
Added TODO items. 2009-03-07 16:29:28 +00:00			`- Protect against signals. Register do_cleanups in a signal handler.`
[svn-upgrade] Integrating new upstream version, shadow (4.0.4) 2007-10-07 11:45:23 +00:00
Updated TODO list. 2009-03-14 13:21:15 +00:00			`- login.defs`
			`- generate depending on configuration`
Updated TODO list. 2008-09-04 20:41:18 +00:00
[svn-upgrade] Integrating new upstream version, shadow (4.0.4) 2007-10-07 11:45:23 +00:00			`- useradd:`
			`- add handle create user mail spool in maildir format.`
Added TODO items for useradd. 2008-08-31 17:30:52 +00:00			`- Add support for -k in -D mode`
New TODO item. useradd: - Add support for -K in -D mode 2008-09-13 11:54:58 +00:00			`- Add support for -K in -D mode`
Added TODO items for useradd. 2008-08-31 17:30:52 +00:00			`- Add option to create or not the mail spool (and set the default in -D`
			`mode)`
Updated TODO list. 2009-03-14 13:21:15 +00:00			`- Change -l to reset the entry if an entry was already there`
Added TODO items. 2009-03-07 16:29:28 +00:00			`- set the mask in mkdir?`
[svn-upgrade] Integrating new upstream version, shadow (4.0.4) 2007-10-07 11:45:23 +00:00
[svn-upgrade] Integrating new upstream version, shadow (4.0.0) 2007-10-07 11:44:51 +00:00			`- userdel:`
Fix typos. 2007-11-17 16:33:33 +00:00			`- add backup option for the removal of user resources,`
New TODOs. 2007-11-20 13:42:18 +00:00			`- user_busy: check that the user is not running any processes.`
Updated TODO list. 2008-09-04 20:41:18 +00:00			`- missing "deleting group" FAILED`
			`- home dir removed, but userdel may fail and may leave the user`
			`=> warning needed`
[svn-upgrade] Integrating new upstream version, shadow (4.0.0) 2007-10-07 11:44:51 +00:00
- newusers should use the CREATE_HOME variable (and new options are needed) - usermod - the mode of new home directories should be set according to the original mode. Does copy_tree does this? 2009-01-21 14:49:42 +00:00			`- usermod`
Updated TODO list. 2009-03-14 13:21:15 +00:00			`- add an option equivalent to useradd's -l (only when uid is changed)`
- newusers should use the CREATE_HOME variable (and new options are needed) - usermod - the mode of new home directories should be set according to the original mode. Does copy_tree does this? 2009-01-21 14:49:42 +00:00			`- the mode of new home directories should be set according to the`
			`original mode. Does copy_tree does this?`
Added one TODO item for usermod. 2009-04-14 22:19:17 +00:00			`- user renamed, order is not kept in /etc/group (see`
			`47_usermod-l_no_shadow_file). This is a problem when the first user is`
			`considered as the admin.`
			`- see mail "user ID change" on April, 15`
			`+ fix call to chown (combination of -m and -u/-g)`
			`+ add tests`

New TODO for later. 2007-11-17 16:27:30 +00:00			`- passwd:`
			`- check combination of options (e.g. -u/-l)`
Added todo items. 2009-04-05 23:50:58 +00:00			`- when -u refuse to unlock because it would create an empty password, it`
			`should not display "Password changed."`
			`exit instead?`
New TODO for later. 2007-11-17 16:27:30 +00:00
* Why isgroup always return TRUE in groupmems? * why is there a USE_PAM section? 2007-11-18 17:08:42 +00:00			`- newgrp: check the USE_PAM section.`

Added todo items for pwck. 2008-10-11 13:15:29 +00:00			`- pwck`
			`- Add check to move passwd passwords to shadow if there is a shadow`
			`entry (with a password).`
			`- Add check to move passwd passwords to shadow if there is a shadow`
			`file.`
* src/pwck.c: Document the sections closed by #endif * src/pwck.c, man/pwck.8.xml: No alternative shadow file can be given when USE_TCB is enabled. 2010-03-18 10:23:51 +00:00			`- Support an alternative /etc/tcb directory as second parameter.`
- add options -g / -G to specify alternative group / gshadow files 2010-03-18 12:28:25 +00:00			`- add options -g / -G to specify alternative group / gshadow files`
Added todo items for pwck. 2008-10-11 13:15:29 +00:00
* NEWS, src/su.c: Preserve COLORTERM in addition to TERM when su is called with the -l option. 2009-01-06 20:13:31 +00:00			`- su`
			`- add a login.defs configuration parameter to add variables to keep in`
* NEWS, configure.in, libmisc/copydir.c, man/useradd.8.xml, man/usermod.8.xml, src/Makefile.am: Added support for ACLs and Extended Attributes. 2010-03-30 21:01:27 +00:00			`the environment with "su -l" (TERM/TERMCOLOR/...)`

			`- vipw`
Fix typo. 2010-03-31 09:27:11 +00:00			`- set ACLs and XATTRs on the temporary file (and backups?)`
New entry for vipw. 2012-01-15 21:26:56 +00:00			`- vipw + selinux -> use lib/selinux.c`