* man/newusers.8.xml: PAM enabled version: describe how passwords

	are updated and how newusers behave in case of error.

diff --git a/ChangeLog b/ChangeLog
index 8a445b5b172be93dc80a10b1cfd6e6cc2fef87d0..405f0c7033069ccb2a364ed938e916475a025b12 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2009-05-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+       * man/newusers.8.xml: PAM enabled version: describe how passwords
+       are updated and how newusers behave in case of error.
+
 2009-05-10  Nicolas François  <nicolas.francois@centraliens.net>
 
        * NEWS, configure.in: New release will be 4.1.4.

diff --git a/man/newusers.8.xml b/man/newusers.8.xml
index daa02a9ec83969dc867ca50e60c79189e01e99fe..a90c5bb771acdb762d2976eac9cd2b132e0a88b7 100644 (file)
--- a/man/newusers.8.xml
+++ b/man/newusers.8.xml
@@ -211,6 +211,13 @@
       databases. If an error occurs (except in the final writes to the
       databases), no changes are committed to the databases.
     </para>
+    <para condition="pam">
+      During this first pass, users are created with a locked password
+      (and passwords are not changed for the users which are not created).
+      A second pass is used to update the passwords using PAM.  Failures
+      to update a password are reported, but will not stop the other
+      password updates.
+    </para>
 
     <para>
       This command is intended to be used in a large system environment
@@ -297,12 +304,6 @@
       The input file must be protected since it contains unencrypted
       passwords.
     </para>
-    <para condition="pam">
-      PAM is not used to update the passwords.
-      Only <filename>/etc/passwd</filename> and
-      <filename>/etc/shadow</filename> are updated, and the various checks
-      or options provided by PAM modules are not used.
-    </para>
   </refsect1>
 
   <refsect1 id='configuration'>