From 96ce0b17630a314965b7239d8582b818ceb90963 Mon Sep 17 00:00:00 2001 From: asmeron Date: Tue, 19 Mar 2024 14:42:34 +0600 Subject: [PATCH] Fix /rc.preinit/10-accounts /rc.halt.pre/25-accounts-sync --- ublinux/functions | 269 ++++++++++++++++++++++++++ ublinux/rc.halt.pre/25-accounts-sync | 106 ++++------ ublinux/rc.preinit/10-accounts | 56 +++--- ublinux/templates/ublinux-data.ini | 20 +- ublinux/templates/ublinux-data_cn.ini | 1 + ublinux/templates/ublinux-data_cn.sgn | 1 + ublinux/templates/ublinux-data_de.ini | 1 + ublinux/templates/ublinux-data_de.sgn | 1 + ublinux/templates/ublinux-data_fr.ini | 1 + ublinux/templates/ublinux-data_fr.sgn | 1 + ublinux/templates/ublinux_cn.ini | 1 + ublinux/templates/ublinux_cn.sgn | 1 + ublinux/templates/ublinux_de.ini | 1 + ublinux/templates/ublinux_de.sgn | 1 + ublinux/templates/ublinux_fr.ini | 1 + ublinux/templates/ublinux_fr.sgn | 1 + 16 files changed, 372 insertions(+), 91 deletions(-) create mode 120000 ublinux/templates/ublinux-data_cn.ini create mode 120000 ublinux/templates/ublinux-data_cn.sgn create mode 120000 ublinux/templates/ublinux-data_de.ini create mode 120000 ublinux/templates/ublinux-data_de.sgn create mode 120000 ublinux/templates/ublinux-data_fr.ini create mode 120000 ublinux/templates/ublinux-data_fr.sgn create mode 120000 ublinux/templates/ublinux_cn.ini create mode 120000 ublinux/templates/ublinux_cn.sgn create mode 120000 ublinux/templates/ublinux_de.ini create mode 120000 ublinux/templates/ublinux_de.sgn create mode 120000 ublinux/templates/ublinux_fr.ini create mode 120000 ublinux/templates/ublinux_fr.sgn diff --git a/ublinux/functions b/ublinux/functions index 4777942..34112f2 100755 --- a/ublinux/functions +++ b/ublinux/functions 
@@ -190,6 +190,275 @@ globalconf_convert_pass_plain_to_hash(){ fi } +##################################################################################### +### +### Функции получения от системы текущих настроек вида параметров от конфигурации ### +### +##################################################################################### + +# Получить запись вида конфигурации USERADD из системного пользователя +# $1 # Варианты пользователей, можно указывать несколько через пробел, кроме nobody +# <пуcто> # Эквивалентно '@users @systems' +# @users # Все пользователи кроме системных, MIN_UID и MAX_UID взять из /etc/login.defs +# @systems # Только системные, SYS_MIN_UID и SYS_MAX_UID взять из /etc/login.defs +# @all # Все с UID от 0 до 65535 +# - # Все пользователи диапазона +# # Имя пользователя +get_conf_useradd_from_system(){ + FILE_PASSWD="${ROOTFS}/etc/passwd" + FILE_SHADOW="${ROOTFS}/etc/shadow" + FILE_LOGINDEFS="${ROOTFS}/etc/login.defs" + DATA_FILE_PASSWD=$(cat ${FILE_PASSWD}) + DATA_FILE_SHADOW=$(cat ${FILE_SHADOW}) + # Загрузить файлы которые совпадают в каталогах /usr/lib/sysusers.d/ и /usr/share/ublinux-sysusers/. 
И загрузить которые уникальные в /usr/lib/sysusers.d/ + DATA_SYSUSERS=$(cat \ + $(comm --nocheck-order -12 <(cd /usr/lib/sysusers.d/ && ls -v1 *.conf | sed "s/\.conf//g") <(cd /usr/share/ublinux-sysusers/ && ls -v1 *.sysusers | sed "s/\.sysusers//g") | sed 's|^|/usr/share/ublinux-sysusers/|;s|$|.sysusers|') \ + $(comm --nocheck-order -23 <(cd /usr/lib/sysusers.d/ && ls -v1 *.conf | sed "s/\.conf//g") <(cd /usr/share/ublinux-sysusers/ && ls -v1 *.sysusers | sed "s/\.sysusers//g") | sed 's|^|/usr/lib/sysusers.d/|;s|$|.conf|') \ + ) + DEFAULT_HOME="/home" + DEFAULT_SHELL="/bin/bash" + show_user(){ + local SELECT_USER="$1" + local SELECT_PLAINPASSWORD SELECT_UID SELECT_GROUP SELECT_GECOS SELECT_HOME SELECT_SHELL + local SELECT_OPTIONAL= + local SELECT_EXTRAGROUPS= + [[ ${DATA_FILE_PASSWD} =~ ($'\n'|^)+${SELECT_USER}:([^$'\n']*):([^$'\n']*):([^$'\n']*):([^$'\n']*):([^$'\n']*):([^$'\n']*)($'\n'|$)+ ]] \ + && SELECT_PLAINPASSWORD=${BASH_REMATCH[2]} \ + && SELECT_UID=${BASH_REMATCH[3]} \ + && SELECT_GROUP=${BASH_REMATCH[4]} \ + && SELECT_GECOS=${BASH_REMATCH[5]} \ + && SELECT_HOME=${BASH_REMATCH[6]} \ + && SELECT_SHELL=${BASH_REMATCH[7]} + + [[ ${DATA_FILE_SHADOW} =~ ($'\n'|^)+${SELECT_USER}:([^$'\n']*):([^$'\n']*):([^$'\n']*):([^$'\n']*):([^$'\n']*):([^$'\n']*):([^$'\n']*):([^$'\n']*)($'\n'|$)+ ]] \ + && SELECT_PASSWORD=${BASH_REMATCH[2]} + [[ ${SELECT_PASSWORD} == "!*" && ${SELECT_PLAINPASSWORD} != "x" ]] && SELECT_PASSWORD="${SELECT_PLAINPASSWORD}" + + #SELECT_EXTRAGROUPS=$(${CHROOT} id -nrG ${SELECT_USER} | tr " " ",") + SELECT_EXTRAGROUPS=$(printf "%s\n" $(${CHROOT} id -nrG ${SELECT_USER}) | sort -u | xargs | tr " " ",") + SELECT_EXTRAGROUPS=${SELECT_EXTRAGROUPS//,nobody/}; SELECT_EXTRAGROUPS=${SELECT_EXTRAGROUPS//nobody/} + [[ -n ${SELECT_HOME} && ${SELECT_HOME} != "${DEFAULT_HOME}/${SELECT_USER}" ]] && SELECT_OPTIONAL+=" --home-dir ${SELECT_HOME}" + [[ -n ${SELECT_SHELL} && ${SELECT_SHELL} != ${DEFAULT_SHELL} ]] && SELECT_OPTIONAL+=" --shell ${SELECT_SHELL}" + if [[ 
${SELECT_PASSWORD} == "!*" ]]; then + local DATA_SYSUSERS_GROUP DATA_SYSUSERS_GECOS DATA_SYSUSERS_HOME DATA_SYSUSERS_SHELL + # Выриант1: u vault 319 "Vault daemon" /var/lib/vault + # Выриант2: u varnishlog 318:varnish "Varnish Cache Proxy" + [[ ${DATA_SYSUSERS} =~ ($'\n'|^)+'u'[[:blank:]]+${SELECT_USER}[[:blank:]]+(${SELECT_UID}|${SELECT_UID}:([^$'\n' ]*))[[:blank:]]*(\"([^$'\n']*)\"|\-)[[:blank:]]*([^$'\n' ]*)[[:blank:]]*([^$'\n' ]*)($'\n'|$)+ ]] \ + && DATA_SYSUSERS_GROUP=${BASH_REMATCH[3]} \ + && DATA_SYSUSERS_GECOS=${BASH_REMATCH[5]} \ + && DATA_SYSUSERS_HOME=${BASH_REMATCH[6]} \ + && DATA_SYSUSERS_SHELL=${BASH_REMATCH[7]} + [[ ${DATA_SYSUSERS_GECOS} == "-" ]] && unset DATA_SYSUSERS_GECOS + [[ ${DATA_SYSUSERS_HOME} == @(""|"-") ]] && DATA_SYSUSERS_HOME="/" + [[ ${DATA_SYSUSERS_SHELL} == @(""|"-") ]] && DATA_SYSUSERS_SHELL="/usr/bin/nologin" + # Поиск группы, если группа найдена, то номер как в системе, если не найдена, то номер должен быть по UID пользователя + [[ ${DATA_SYSUSERS_GROUP} != "" ]] && FIND_GROUP=${DATA_SYSUSERS_GROUP} || FIND_GROUP=${SELECT_USER} + [[ ${DATA_SYSUSERS} =~ ($'\n'|^)+'g'[[:blank:]]+${FIND_GROUP}[[:blank:]]+${SELECT_GROUP}[[:blank:]]*([^$'\n' ]*)[[:blank:]]*([^$'\n' ]*)($'\n'|$)+ ]] \ + && DATA_SYSUSERS_GROUP=${SELECT_GROUP} || DATA_SYSUSERS_GROUP=${SELECT_UID} + # + DATA_SYSUSERS_EXTRAGROUPS=$(sed -Enr "s/^m ${SELECT_USER} (.*)/\1/p" <<< ${DATA_SYSUSERS}) #" + #[[ -n ${DATA_SYSUSERS_EXTRAGROUPS} ]] && DATA_SYSUSERS_EXTRAGROUPS="${SELECT_USER},${DATA_SYSUSERS_EXTRAGROUPS//$'\n'/,}" || DATA_SYSUSERS_EXTRAGROUPS="${SELECT_USER}" + [[ -n ${DATA_SYSUSERS_EXTRAGROUPS} ]] && DATA_SYSUSERS_EXTRAGROUPS=$(printf "%s\n" ${SELECT_USER} ${DATA_SYSUSERS_EXTRAGROUPS} | sort -u | xargs | tr " " ",") \ + || DATA_SYSUSERS_EXTRAGROUPS="${FIND_GROUP}" + # + [[ ${SELECT_GROUP} == ${DATA_SYSUSERS_GROUP} && ${SELECT_EXTRAGROUPS} == ${DATA_SYSUSERS_EXTRAGROUPS} && ${SELECT_GECOS} == ${DATA_SYSUSERS_GECOS} && ${SELECT_HOME} == ${DATA_SYSUSERS_HOME} && 
${SELECT_SHELL} == ${DATA_SYSUSERS_SHELL} ]] \ + && return 0 + fi + echo "USERADD[${SELECT_USER}]='${SELECT_GECOS}:${SELECT_UID}:${SELECT_GROUP}:${SELECT_EXTRAGROUPS}:${SELECT_OPTIONAL}:${SELECT_PASSWORD}'" + } +# is_systemd_user(){ +# # Пользователь присутстует в systemd sysusers.d +# local SELECT_USER=$1 +# [[ $(cat ${ROOTFS}/usr/share/ublinux-sysusers/*.sysusers) =~ ($'\n'|^)+'u'[[:blank:]]+"${SELECT_USER}" ]] && return 1 || return 0 +# [[ -d ${ROOTFS}/run/sysusers.d && $(cat ${ROOTFS}/run/sysusers.d/*.conf) =~ ($'\n'|^)+'u'[[:blank:]]+"${SELECT_USER}" ]] && return 1 || return 0 +# } + local PARAM_ALL="$@" + [[ -n ${PARAM_ALL} ]] || PARAM_ALL="@users @systems" + while IFS= read -r SELECT_PARAM; do + if [[ ${SELECT_PARAM} == "@users" ]]; then + # Все пользователи кроме системных + UID_MIN=$([[ $(cat "${FILE_LOGINDEFS}") =~ [^#[^:blank:]]*UID_MIN[[:blank:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") + UID_MAX=$([[ $(cat "${FILE_LOGINDEFS}") =~ [^#[^:blank:]]*UID_MAX[[:blank:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") + while IFS= read -r SELECT_USER; do + show_user "${SELECT_USER}" + done < <(awk -F':' -v USER_MIN=${UID_MIN:=1000} -v USER_MAX=${UID_MAX:=65534} '$3 >= USER_MIN && $3 <= USER_MAX && $1 != "nobody" { print $1}' ${FILE_PASSWD}) + elif [[ ${SELECT_PARAM} == "@systems" ]]; then + # Пользователи системные + UID_MIN=$([[ $(cat "${FILE_LOGINDEFS}") =~ [^#[^:blank:]]*SYS_UID_MIN[[:blank:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") + UID_MAX=$([[ $(cat "${FILE_LOGINDEFS}") =~ [^#[^:blank:]]*SYS_UID_MAX[[:blank:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") + while IFS= read -r SELECT_USER; do + show_user "${SELECT_USER}" + done < <(awk -F':' -v USER_MIN=${UID_MIN:=500} -v USER_MAX=${UID_MAX:=999} '$3 >= USER_MIN && $3 <= USER_MAX && $1 != "nobody" { print $1}' ${FILE_PASSWD}) + elif [[ ${SELECT_PARAM} == "@all" ]]; then + # Все пользователи + while IFS= read -ru4 SELECT_USER; do + show_user "${SELECT_USER}" + done 4< <(awk -F':' '$1 
!= "nobody" { print $1}' ${FILE_PASSWD}) + elif [[ ${SELECT_PARAM} =~ ^([[:digit:]]+)'-'*([[:digit:]]*)$ ]]; then + UID_MIN=${BASH_REMATCH[1]} + UID_MAX=${BASH_REMATCH[2]} + [[ -n ${UID_MAX} ]] || UID_MAX=${UID_MIN} + while IFS= read -r SELECT_USER; do + show_user "${SELECT_USER}" + done < <(awk -F':' -v USER_MIN=${UID_MIN:=1000} -v USER_MAX=${UID_MAX:=65534} '$3 >= USER_MIN && $3 <= USER_MAX && $1 != "nobody" { print $1}' ${FILE_PASSWD}) + elif grep -q ^"${SELECT_PARAM}:" ${FILE_PASSWD} &>/dev/null; then + show_user "${SELECT_PARAM}" + fi + done <<< "${PARAM_ALL// /$'\n'}" +} + +# Получить запись вида конфигурации USERSHADOW из системного пользователя: USERSHADOW[superadmin]='2024-03-06:0:99999:7::' +# $1 # Варианты пользователей, можно указывать несколько через пробел, кроме nobody +# <пуcто> # Эквивалентно '@users @systems' +# @users # Все пользователи кроме системных, MIN_UID и MAX_UID взять из /etc/login.defs +# @systems # Только системные, SYS_MIN_UID и SYS_MAX_UID взять из /etc/login.defs +# @all # Все с UID от 0 до 65535 +# - # Все пользователи диапазона +# # Имя пользователя +get_conf_usershadow_from_system(){ + FILE_PASSWD="${ROOTFS}/etc/passwd" + FILE_SHADOW="${ROOTFS}/etc/shadow" + FILE_LOGINDEFS="${ROOTFS}/etc/login.defs" + DATA_FILE_SHADOW=$(cat ${FILE_SHADOW}) + DATE_STARTUP_SYSTEM=$(date -d "$(cut -f1 -d. 
/proc/uptime) seconds ago" +'%Y-%m-%d') #" + # Дата когда был установлен пакет и впервые добавлены пользователи + DATE_SYSUSERS=$(stat --printf=%y ${ROOTFS}/usr/share/ublinux-sysusers/README | cut -d' ' -f1) + show_user(){ + local SELECT_USER="$1" + [[ ${DATA_FILE_SHADOW} =~ ($'\n'|^)+${SELECT_USER}:([^$'\n']*):([^$'\n']*):([^$'\n']*):([^$'\n']*):([^$'\n']*):([^$'\n']*):([^$'\n']*):([^$'\n']*)($'\n'|$)+ ]] \ + && SELECT_PASSWORD=${BASH_REMATCH[2]} \ + && SELECT_LASTCHANGED=${BASH_REMATCH[3]} \ + && SELECT_MINDAY=${BASH_REMATCH[4]} \ + && SELECT_MAXDAY=${BASH_REMATCH[5]} \ + && SELECT_WARN=${BASH_REMATCH[6]} \ + && SELECT_INACTIVE=${BASH_REMATCH[7]} \ + && SELECT_EXPIRE=${BASH_REMATCH[8]} \ + && SELECT_NOUSE=${BASH_REMATCH[9]} + [[ -n ${SELECT_LASTCHANGED} ]] && SELECT_LASTCHANGED=$(date -d @$((${SELECT_LASTCHANGED}*24*60*60)) +'%Y-%m-%d') + [[ -n ${SELECT_EXPIRE} ]] && SELECT_LASTCHANGED=$(date -d @$((${SELECT_EXPIRE}*24*60*60)) +'%Y-%m-%d') + if [[ -z ${SELECT_MINDAY} && -z ${SELECT_MAXDAY} && -z ${SELECT_WARN} && -z ${SELECT_INACTIVE} && -z ${SELECT_EXPIRE} ]]; then + [[ ${SELECT_LASTCHANGED} == ${DATE_STARTUP_SYSTEM} ]] && return 0 + # Сравнить дату впервые созданных пользователей с датой установки пакета ublinux-sysusers + [[ ${SELECT_LASTCHANGED} == ${DATE_SYSUSERS} ]] && return 0 +# # Найти файл 'sysusers' где встречается пользователь и сравнить дату создания файла с датой создания пользователя +# FILE_NAME_SYSTEMD=$(grep -E "^u[[:blank:]]+${SELECT_USER}" ${ROOTFS}/usr/share/ublinux-sysusers/*.sysusers ${ROOTFS}/usr/share/ublinux-sysusers/dynamic/*.sysusers 2>/dev/null | cut -d: -f1 | xargs stat --printf=%y | cut -d' ' -f1;) + fi + echo "USERSHADOW[${SELECT_USER}]='${SELECT_LASTCHANGED}:${SELECT_MINDAY}:${SELECT_MAXDAY}:${SELECT_WARN}:${SELECT_INACTIVE}:${SELECT_EXPIRE}'" + } + local PARAM_ALL="$@" + [[ -n ${PARAM_ALL} ]] || PARAM_ALL="@users @systems" + while IFS= read -r SELECT_PARAM; do + if [[ ${SELECT_PARAM} == "@users" ]]; then + # Все пользователи 
кроме системных + UID_MIN=$([[ $(cat "${FILE_LOGINDEFS}") =~ [^#[^:blank:]]*UID_MIN[[:blank:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") + UID_MAX=$([[ $(cat "${FILE_LOGINDEFS}") =~ [^#[^:blank:]]*UID_MAX[[:blank:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") + while IFS= read -r SELECT_USER; do + show_user "${SELECT_USER}" + done < <(awk -F':' -v USER_MIN=${UID_MIN:=1000} -v USER_MAX=${UID_MAX:=65534} '$3 >= USER_MIN && $3 <= USER_MAX && $1 != "nobody" { print $1}' ${FILE_PASSWD}) + elif [[ ${SELECT_PARAM} == "@systems" ]]; then + # Пользователи системные + UID_MIN=$([[ $(cat "${FILE_LOGINDEFS}") =~ [^#[^:blank:]]*SYS_UID_MIN[[:blank:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") + UID_MAX=$([[ $(cat "${FILE_LOGINDEFS}") =~ [^#[^:blank:]]*SYS_UID_MAX[[:blank:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") + while IFS= read -r SELECT_USER; do + show_user "${SELECT_USER}" + done < <(awk -F':' -v USER_MIN=${UID_MIN:=500} -v USER_MAX=${UID_MAX:=999} '$3 >= USER_MIN && $3 <= USER_MAX && $1 != "nobody" { print $1}' ${FILE_PASSWD}) + elif [[ ${SELECT_PARAM} == "@all" ]]; then + # Все пользователи + while IFS= read -ru4 SELECT_USER; do + show_user "${SELECT_USER}" + done 4< <(awk -F':' '$1 != "nobody" { print $1}' ${FILE_PASSWD}) + elif [[ ${SELECT_PARAM} =~ ^([[:digit:]]+)'-'*([[:digit:]]*)$ ]]; then + UID_MIN=${BASH_REMATCH[1]} + UID_MAX=${BASH_REMATCH[2]} + [[ -n ${UID_MAX} ]] || UID_MAX=${UID_MIN} + while IFS= read -r SELECT_USER; do + show_user "${SELECT_USER}" + done < <(awk -F':' -v USER_MIN=${UID_MIN:=1000} -v USER_MAX=${UID_MAX:=65534} '$3 >= USER_MIN && $3 <= USER_MAX && $1 != "nobody" { print $1}' ${FILE_PASSWD}) + elif grep -q ^"${SELECT_PARAM}:" ${FILE_PASSWD} &>/dev/null; then + show_user "${SELECT_PARAM}" + fi + done <<< "${PARAM_ALL// /$'\n'}" +} + +############################################################################################################ +# Получить запись вида конфигурации GROUPADD из систеных групп +# $1 # Варианты 
групп, можно указывать несколько через пробел, кроме nobody +# <пусто> # Эквивалентно '@groups @systems' +# @groups # Все кроме системных, MIN_GID и MAX_GID взять из /etc/login.defs +# @systems # Только системные, SYS_MIN_GID и SYS_MAX_GID взять из /etc/login.defs +# @all # Все c GID от 0 до 65535 +# - # Все пользователи диапазона +# # Имя группы +get_conf_groupadd_from_system(){ + FILE_GROUP="${ROOTFS}/etc/group" + FILE_GSHADOW="${ROOTFS}/etc/gshadow" + FILE_LOGINDEFS="${ROOTFS}/etc/login.defs" + DATA_FILE_GROUP=$(cat ${FILE_GROUP}) + DATA_FILE_GSHADOW=$(cat ${FILE_GSHADOW}) + # Загрузить файлы которые совпадают в каталогах /usr/lib/sysusers.d/ и /usr/share/ublinux-sysusers/. И загрузить которые уникальные в /usr/lib/sysusers.d/ + DATA_SYSUSERS=$(cat \ + $(comm --nocheck-order -12 <(cd /usr/lib/sysusers.d/ && ls -v1 *.conf | sed "s/\.conf//g") <(cd /usr/share/ublinux-sysusers/ && ls -v1 *.sysusers | sed "s/\.sysusers//g") | sed 's|^|/usr/share/ublinux-sysusers/|;s|$|.sysusers|') \ + $(comm --nocheck-order -23 <(cd /usr/lib/sysusers.d/ && ls -v1 *.conf | sed "s/\.conf//g") <(cd /usr/share/ublinux-sysusers/ && ls -v1 *.sysusers | sed "s/\.sysusers//g") | sed 's|^|/usr/lib/sysusers.d/|;s|$|.conf|') \ + ) + show_group(){ + local SELECT_GROUP="$1" + local SELECT_PLAINPASSWORD SELECT_GID SELECT_MEMBERS + [[ ${DATA_FILE_GROUP} =~ ($'\n'|^)+${SELECT_GROUP}:([^$'\n']*):([^$'\n']*):([^$'\n']*)($'\n'|$)+ ]] \ + && SELECT_PLAINPASSWORD=${BASH_REMATCH[2]} \ + && SELECT_GID=${BASH_REMATCH[3]} \ + && SELECT_MEMBERS=${BASH_REMATCH[4]} + local SELECT_PASSWORD SELECT_ADMINISTRATORS SELECT_GMEMBERS + [[ ${DATA_FILE_GSHADOW} =~ ($'\n'|^)+${SELECT_GROUP}:([^$'\n']*):([^$'\n']*):([^$'\n']*)($'\n'|$)+ ]] \ + && SELECT_PASSWORD=${BASH_REMATCH[2]} \ + && SELECT_ADMINISTRATORS=${BASH_REMATCH[3]} \ + && SELECT_GMEMBERS=${BASH_REMATCH[4]} + [[ ${SELECT_PASSWORD} == "!*" && ${SELECT_PLAINPASSWORD} != "x" ]] && SELECT_PASSWORD="${SELECT_PLAINPASSWORD}" + local SELECT_OPTIONAL + if [[ 
${SELECT_PASSWORD} == "!*" && ${SELECT_MEMBERS} == ${SELECT_GMEMBERS} && -z ${SELECT_ADMINISTRATORS} ]]; then + DATA_SYSUSERS_MEMBERS=$(sed -Enr "s/^m (.*) ${SELECT_GROUP}/\1/p" <<< ${DATA_SYSUSERS}) #" + [[ -n ${DATA_SYSUSERS_MEMBERS} ]] && DATA_SYSUSERS_MEMBERS=$(printf "%s\n" ${DATA_SYSUSERS_MEMBERS} | sort -u | xargs | tr " " ",") || unset DATA_SYSUSERS_MEMBERS + [[ ${SELECT_MEMBERS} == ${DATA_SYSUSERS_MEMBERS} ]] && return 0 + fi + echo "GROUPADD[${SELECT_GROUP}]='${SELECT_MEMBERS}:${SELECT_GID}:${SELECT_OPTIONAL}:${SELECT_ADMINISTRATORS}:${SELECT_PASSWORD}'" + } + local PARAM_ALL="$@" + [[ -n ${PARAM_ALL} ]] || PARAM_ALL="@groups @systems" + while IFS= read -r SELECT_PARAM; do + if [[ ${SELECT_PARAM} == "@groups" ]]; then + # Все группы кроме системных + GID_MIN=$([[ $(cat "${FILE_LOGINDEFS}") =~ [^#[^:blank:]]*GID_MIN[[:blank:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") + GID_MAX=$([[ $(cat "${FILE_LOGINDEFS}") =~ [^#[^:blank:]]*GID_MAX[[:blank:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") + while IFS= read -r SELECT_GROUP; do + show_group "${SELECT_GROUP}" + done < <(awk -F':' -v GROUP_MIN=${GID_MIN:=1000} -v GROUP_MAX=${GID_MAX:=65534} '$3 >= GROUP_MIN && $3 <= GROUP_MAX && $1 != "nobody" { print $1}' ${FILE_GROUP}) + elif [[ ${SELECT_PARAM} == "@systems" ]]; then + # Группы системные + GID_MIN=$([[ $(cat "${FILE_LOGINDEFS}") =~ [^#[^:blank:]]*SYS_GID_MIN[[:blank:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") + GID_MAX=$([[ $(cat "${FILE_LOGINDEFS}") =~ [^#[^:blank:]]*SYS_GID_MAX[[:blank:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") + while IFS= read -r SELECT_GROUP; do + show_group "${SELECT_GROUP}" + done < <(awk -F':' -v GROUP_MIN=${GID_MIN:=500} -v GROUP_MAX=${GID_MAX:=999} '$3 >= GROUP_MIN && $3 <= GROUP_MAX && $1 != "nobody" { print $1}' ${FILE_GROUP}) + elif [[ ${SELECT_PARAM} == "@all" ]]; then + # Все группы + while IFS= read -ru4 SELECT_GROUP; do + show_group "${SELECT_GROUP}" + done 4< <(awk -F':' '$1 != "nobody" { print 
$1}' ${FILE_GROUP}) + elif [[ ${SELECT_PARAM} =~ ^([[:digit:]]+)'-'*([[:digit:]]*)$ ]]; then + GID_MIN=${BASH_REMATCH[1]} + GID_MAX=${BASH_REMATCH[2]} + [[ -n ${GID_MAX} ]] || GID_MAX=${GID_MIN} + while IFS= read -r SELECT_GROUP; do + show_group "${SELECT_GROUP}" + done < <(awk -F':' -v GROUP_MIN=${GID_MIN:=1000} -v GROUP_MAX=${GID_MAX:=65534} '$3 >= GROUP_MIN && $3 <= GROUP_MAX && $1 != "nobody" { print $1}' ${FILE_GROUP}) + elif grep -q ^"${SELECT_PARAM}:" ${FILE_GROUP} &>/dev/null; then + show_group "${SELECT_PARAM}" + fi + done <<< "${PARAM_ALL// /$'\n'}" +} + +##################################################################################### +##################################################################################### + detectDE(){ [[ -z ${SESSION} && ${KDE_FULL_SESSION} == true ]] && SESSION=kde [[ -z ${SESSION} && ${XDG_CURRENT_DESKTOP} == XFCE ]] && SESSION=xfce diff --git a/ublinux/rc.halt.pre/25-accounts-sync b/ublinux/rc.halt.pre/25-accounts-sync index 43f2fed..b7ddf5e 100755 --- a/ublinux/rc.halt.pre/25-accounts-sync +++ b/ublinux/rc.halt.pre/25-accounts-sync 
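Review bot: `SELECT_PASSWORD` is missing from the `local` list in the `show_user` helper of get_conf_useradd_from_system and is only assigned when the shadow regex matches, so an account with no matching line in `${FILE_SHADOW}` is emitted with the previous account's hash in its `USERADD[...]` record. Adding it to the declaration (`local SELECT_PLAINPASSWORD SELECT_PASSWORD SELECT_UID SELECT_GROUP SELECT_GECOS SELECT_HOME SELECT_SHELL`) resets it on every call. The `show_user` in get_conf_usershadow_from_system declares none of its `SELECT_*` fields local and has the same carry-over between accounts. In that second helper, `[[ -n ${SELECT_EXPIRE} ]] && SELECT_LASTCHANGED=$(date …)` overwrites the last-changed date with the expiry date and leaves `SELECT_EXPIRE` as a raw day count; it looks as if the target should be `SELECT_EXPIRE`.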
@@ -20,48 +20,30 @@ SOURCE=${SYSCONF}/users; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null ## boot # При загрузке системы принудительно применить глобальную конфигурацию на пользователя ## shutdown # При завершении работы системы синхронизировать указанных пользователей в системе с глобальной конфигурацией exec_useradd_sync(){ - FILE_PASSWD="${ROOTFS}/etc/passwd" - FILE_SHADOW="${ROOTFS}/etc/shadow" - sync_user(){ - local SELECT_USER="$1" - local SELECT_OPTIONAL= - local SELECT_EXTRAGROUPS= - [[ $(grep ^"${SELECT_USER}:" ${FILE_PASSWD}) =~ ^(.*):(.*):(.*):(.*):(.*):(.*):(.*)$ ]] \ - && SELECT_PLAINPASSWORD=${BASH_REMATCH[2]} \ - && SELECT_UID=${BASH_REMATCH[3]} \ - && SELECT_GROUP=${BASH_REMATCH[4]} \ - && SELECT_GECOS=${BASH_REMATCH[5]} \ - && SELECT_HOMEDIR=${BASH_REMATCH[6]} \ - && SELECT_SHELL=${BASH_REMATCH[7]} - - [[ $(grep ^"${SELECT_USER}:" ${FILE_SHADOW}) =~ ^(.*):(.*):(.*):(.*):(.*):(.*):(.*):(.*):(.*)$ ]] \ - && SELECT_PASSWORD=${BASH_REMATCH[2]} \ - && SELECT_LASTCHANGED=${BASH_REMATCH[3]} \ - && SELECT_MINDAY=${BASH_REMATCH[4]} \ - && SELECT_MAXDAY=${BASH_REMATCH[5]} \ - && SELECT_WARN=${BASH_REMATCH[6]} \ - && SELECT_INACTIVE=${BASH_REMATCH[7]} \ - && SELECT_EXPIRE=${BASH_REMATCH[8]} \ - && SELECT_NOUSE=${BASH_REMATCH[9]} - - [[ -n ${SELECT_LASTCHANGED} ]] && SELECT_LASTCHANGED=$(date -d @$((${SELECT_LASTCHANGED}*24*60*60)) +'%Y-%m-%d') - [[ -n ${SELECT_EXPIRE} ]] && SELECT_LASTCHANGED=$(date -d @$((${SELECT_EXPIRE}*24*60*60)) +'%Y-%m-%d') - while IFS= read -r EXTRAGROUP; do [[ "${USERGROUPS},nobody" =~ ${EXTRAGROUP} ]] || SELECT_EXTRAGROUPS+=",${EXTRAGROUP}"; done < <(tr ' ' '\n' <<< $(id -nrG ${SELECT_USER})) - SELECT_EXTRAGROUPS=${SELECT_EXTRAGROUPS:1} - [[ -n ${SELECT_HOMEDIR} && ${SELECT_HOMEDIR} != "/home/${SELECT_USER}" ]] && SELECT_OPTIONAL+=" --home-dir ${SELECT_HOMEDIR}" - [[ -n ${SELECT_SHELL} && ${SELECT_SHELL} != "/bin/bash" ]] && SELECT_OPTIONAL+=" --shell ${SELECT_SHELL}" - ${ROOTFS}/usr/bin/ubconfig --quiet --target global set [users] 
USERADD[${SELECT_USER}]="${SELECT_GECOS}:${SELECT_UID}:${SELECT_GROUP}:${SELECT_EXTRAGROUPS}:${SELECT_OPTIONAL}:${SELECT_PASSWORD}" - ${ROOTFS}/usr/bin/ubconfig --quiet --target global set [users] USERSHADOW[${SELECT_USER}]="${SELECT_LASTCHANGED}:${SELECT_MINDAY}:${SELECT_MAXDAY}:${SELECT_WARN}:${SELECT_INACTIVE}:${SELECT_EXPIRE}" + set_ubconfig(){ + local PARAM=$1 + local GET_USERADD=$(get_conf_useradd_from_system ${PARAM}) + local GET_USERSHADOW=$(get_conf_usershadow_from_system ${PARAM}) + [[ -n ${GET_USERADD} ]] && ${ROOTFS}/usr/bin/ubconfig --quiet --target global set [users] ${GET_USERADD} + [[ -n ${GET_USERSHADOW} ]] && ${ROOTFS}/usr/bin/ubconfig --quiet --target global set [users] ${GET_USERSHADOW} } - if [[ ${USERADD_SYNC} =~ 'shutdown' ]]; then - # Все пользователи - UID_MIN=$([[ $(cat "${ROOTFS}/etc/login.defs") =~ [^#[^:space:]]*UID_MIN[[:space:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") - while IFS= read -r SELECT_USER; do - sync_user "${SELECT_USER}" - done < <(awk -F':' -v USER_MIN=${UID_MIN} '$3 >= USER_MIN && $1 != "nobody" { print $1}' ${FILE_PASSWD}) - elif [[ ${#USERADD_SYNC[@]} != 0 ]]; then + if [[ ${USERADD_SYNC} =~ 'shutdown@all' ]]; then + set_ubconfig "@all" + elif [[ ${USERADD_SYNC} =~ 'shutdown@users' ]]; then + set_ubconfig "@users" + elif [[ ${USERADD_SYNC} =~ 'shutdown@systems' ]]; then + set_ubconfig "@systems" + elif [[ ${USERADD_SYNC} =~ ^'shutdown@'(([[:digit:]]+)'-'*([[:digit:]]*))$ ]]; then + set_ubconfig "${BASH_REMATCH[1]}" + elif [[ ${USERADD_SYNC} =~ 'shutdown' ]]; then + set_ubconfig + fi + if [[ "$(declare -p USERADD_SYNC 2>/dev/null)" == "declare -A"* ]]; then while IFS= read -u3 SELECT_USER; do - [[ ${USERADD_SYNC[${SELECT_USER}]} =~ 'shutdown' ]] && sync_user ${SELECT_USER} + #[[ ${USERADD_SYNC[${SELECT_USER}]} =~ 'shutdown' ]] && sync_user ${SELECT_USER} + if [[ ${USERADD_SYNC[${SELECT_USER}]} =~ 'shutdown' ]]; then + set_ubconfig "${SELECT_USER}" + fi done 3< <(printf "%s\n" "${!USERADD_SYNC[@]}") fi } 
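Review bot: In `set_ubconfig` the unquoted `${GET_USERADD}` and `${GET_USERSHADOW}` are word-split and glob-expanded before ubconfig receives them, so a multi-line result or a record whose GECOS contains a space arrives as a different set of arguments than the helper printed. The `[`, `]` and `*` characters in `[users]` and in a record such as `USERADD[name]='…:!*'` are also open to pathname expansion. Passing one record per call keeps each intact: `while IFS= read -r REC; do ${ROOTFS}/usr/bin/ubconfig --quiet --target global set '[users]' "${REC}"; done <<< "${GET_USERADD}"`. Whether ubconfig expects the literal single quotes that the helper prints around the value cannot be seen from this hunk and should be confirmed. The same unquoted expansion is used for `${GET_GROUPADD}` in the exec_groupadd_sync hunk.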
@@ -73,38 +55,32 @@ exec_useradd_sync(){ ## boot # При загрузке системы принудительно применить глобальную конфигурацию на группу ## shutdown # При завершении работы системы синхронизировать указанные группы в системе с глобальной конфигурацией exec_groupadd_sync(){ - FILE_GROUP="${ROOTFS}/etc/group" - FILE_GSHADOW="${ROOTFS}/etc/gshadow" - sync_group(){ - local SELECT_GROUP="$1" - local SELECT_OPTIONAL= - [[ $(grep ^"${SELECT_GROUP}:" ${FILE_GROUP}) =~ ^(.*):(.*):(.*):(.*)$ ]] \ - && SELECT_GPASSWORD=${BASH_REMATCH[2]} \ - && SELECT_GID=${BASH_REMATCH[3]} \ - && SELECT_GUSERS=${BASH_REMATCH[4]} - - [[ $(grep ^"${SELECT_GROUP}:" ${FILE_GSHADOW}) =~ ^(.*):(.*):(.*):(.*)$ ]] \ - && SELECT_PASSWORD=${BASH_REMATCH[2]} \ - && SELECT_ADMINISTRATORS=${BASH_REMATCH[3]} \ - && SELECT_SUSERS=${BASH_REMATCH[4]} \ - - ${ROOTFS}/usr/bin/ubconfig --quiet --target global set [users] GROUPADD[${SELECT_GROUP}]="${SELECT_GUSERS}:${SELECT_GID}::${SELECT_ADMINISTRATORS}:${SELECT_PASSWORD}" + set_ubconfig(){ + local PARAM=$1 + local GET_GROUPADD=$(get_conf_groupadd_from_system ${PARAM}) + [[ -n ${GET_GROUPADD} ]] && ${ROOTFS}/usr/bin/ubconfig --quiet --target global set [users] ${GET_GROUPADD} } - if [[ ${GROUPADD_SYNC} =~ 'shutdown' ]]; then - # Все группы - GID_MIN=$([[ $(cat "${ROOTFS}/etc/login.defs") =~ [^#[^:space:]]*GID_MIN[[:space:]]+([[:digit:]]+) ]]; echo -n "${BASH_REMATCH[1]}") - while IFS= read -r SELECT_GROUP; do - sync_group "${SELECT_GROUP}" - done < <(awk -F':' -v GROUP_MIN=${GID_MIN} '$3 >= GROUP_MIN && $1 != "nobody" { print $1}' ${FILE_GROUP}) - elif [[ ${#GROUPADD_SYNC[@]} != 0 ]]; then + if [[ ${GROUPADD_SYNC} =~ 'shutdown@all' ]]; then + set_ubconfig "@all" + elif [[ ${GROUPADD_SYNC} =~ 'shutdown@users' ]]; then + set_ubconfig "@users" + elif [[ ${GROUPADD_SYNC} =~ 'shutdown@systems' ]]; then + set_ubconfig "@systems" + elif [[ ${GROUPADD_SYNC} =~ ^'shutdown@'(([[:digit:]]+)'-'*([[:digit:]]*))$ ]]; then + set_ubconfig "${BASH_REMATCH[1]}" + elif [[ 
${GROUPADD_SYNC} =~ 'shutdown' ]]; then + set_ubconfig + fi + if [[ "$(declare -p GROUPADD_SYNC 2>/dev/null)" == "declare -A"* ]]; then while IFS= read -u3 SELECT_GROUP; do - [[ ${GROUPADD_SYNC[${SELECT_GROUP}]} =~ 'shutdown' ]] && sync_group ${SELECT_GROUP} + if [[ ${GROUPADD_SYNC[${SELECT_GROUP}]} =~ 'shutdown' ]]; then + set_ubconfig "${SELECT_GROUP}" + fi done 3< <(printf "%s\n" "${!GROUPADD_SYNC[@]}") fi } - ################ ##### MAIN ##### ################ diff --git a/ublinux/rc.preinit/10-accounts b/ublinux/rc.preinit/10-accounts index 3c7e932..4e1bef9 100755 --- a/ublinux/rc.preinit/10-accounts +++ b/ublinux/rc.preinit/10-accounts @@ -334,7 +334,7 @@ exec_03_useradd(){ local SELECT_USERNAME=$1 if [[ -n ${PARAM} && -z ${ROOTFS} ]]; then # Вызов как исполнителя после ubconfig - # Добавить параметр в ${FILE_ROOT_USERS}=.users_credential и удалить хеш параметра USERADD[.*] в /etc/ublinux/users + # Добавить параметр в ${FILE_ROOT_USERS}=.users_credential и удалить хеш пароля параметра USERADD[.*] в /etc/ublinux/users if [[ -f ${FILE_ROOT_USERS} ]]; then sed "/USERADD\[${SELECT_USERNAME}\]=/d" -i "${FILE_ROOT_USERS}" echo "USERADD[${SELECT_USERNAME}]='${USERADD[${SELECT_USERNAME}]}'" >> ${FILE_ROOT_USERS} 
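Review bot: The `'shutdown@users'` branch of exec_groupadd_sync passes `"@users"` to get_conf_groupadd_from_system, but that helper (added in ublinux/functions by this commit) recognises `@groups`, `@systems`, `@all`, a numeric range or a group name. `@users` therefore falls through to the `grep -q ^"${SELECT_PARAM}:"` test and nothing is synchronised. A value of `shutdown@groups` has no branch of its own, so it lands in the generic `'shutdown'` case, which uses the default `@groups @systems`. The branch probably wants to read `elif [[ ${GROUPADD_SYNC} =~ 'shutdown@groups' ]]; then` followed by `set_ubconfig "@groups"`.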
@@ -347,10 +347,16 @@ exec_03_useradd(){
 [[ ${SELECT_OPTIONAL} =~ ("--home-dir "|"-d ")([^' ']*)(' '|$) ]] && HOME_DIR_SELECT_USERNAME="${BASH_REMATCH[2]}" || HOME_DIR_SELECT_USERNAME="${PATH_HOME}/${SELECT_USERNAME}"
 [[ ${SELECT_UID,,} == "x" || ${SELECT_UID} =~ ^[^0-9]+$ ]] && unset SELECT_UID
 # Если существует домашний каталог пользователя, то UID берём от каталога
- [[ -z ${SELECT_UID} && -d "${ROOTFS}${HOME_DIR_SELECT_USERNAME}" ]] && SELECT_UID=$(stat -c %u "${ROOTFS}${HOME_DIR_SELECT_USERNAME}")
+ if [[ -z ${SELECT_UID} && -d "${ROOTFS}${HOME_DIR_SELECT_USERNAME}" ]]; then
+ SELECT_UID=$(stat -c %u "${ROOTFS}${HOME_DIR_SELECT_USERNAME}")
+ [[ $(cat ${FILE_PASSWD} 2>/dev/null) =~ ($'\n'|^)+[^:]*:[^:]*:"${SELECT_UID}": ]] && unset SELECT_UID
+ fi
 [[ ${SELECT_GROUP,,} == "x" ]] && unset SELECT_GROUP
 # Если существует домашний каталог пользователя, то GID берём от каталога
- [[ -z ${SELECT_GROUP} && -d "${ROOTFS}${HOME_DIR_SELECT_USERNAME}" ]] && SELECT_GROUP=$(stat -c %g "${ROOTFS}${HOME_DIR_SELECT_USERNAME}")
+ if [[ -z ${SELECT_GROUP} && -d "${ROOTFS}${HOME_DIR_SELECT_USERNAME}" ]]; then
+ SELECT_GROUP=$(stat -c %g "${ROOTFS}${HOME_DIR_SELECT_USERNAME}")
+ [[ $(cat ${FILE_PASSWD} 2>/dev/null) =~ ($'\n'|^)+[^:]*:[^:]*:[^:]*:"${SELECT_GROUP}": ]] && unset SELECT_GROUP
+ fi
 [[ ${SELECT_EXTRAGROUPS,,} == "x" ]] && unset SELECT_EXTRAGROUPS
 [[ ${SELECT_PASSWORD} == @(""|"x") ]] && SELECT_PASSWORD="${DEFAULTPASSWD}"
 [[ ${SELECT_PASSWORD} != @(""|'!*'|'!'|'*') ]] && SELECT_PASSWORD="$(return_hash_password hash ${HASHPASSWD} ${SELECT_PASSWORD})"
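Review bot: The GID taken from the home directory is checked against the fourth field of `${FILE_PASSWD}`, which lists only primary groups, so a directory group-owned by an existing system or supplementary group that is nobody's primary group is still adopted as the new account's primary group. If the intent mirrors the UID check (do not reuse an id that already belongs to something else), the lookup belongs in the group database, e.g. `[[ $(cat ${ROOTFS}/etc/group 2>/dev/null) =~ ($'\n'|^)+[^:]*:[^:]*:"${SELECT_GROUP}": ]] && unset SELECT_GROUP`. `${FILE_PASSWD}` is defined outside this hunk; because it is unquoted and its errors are discarded, an empty or unreadable value makes both checks pass silently, and an empty value would leave `cat` reading standard input. The body of exec_03_useradd continues outside the hunk.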
@@ -414,17 +420,17 @@ exec_03_useradd(){ [[ ${SELECT_OPTIONAL} =~ ("-o"|"--non-unique") ]] && [[ -n ${ARG_SELECT_UID} ]] || { ARG_SELECT_OPTIONAL=${ARG_SELECT_OPTIONAL//-o/}; ARG_SELECT_OPTIONAL=${ARG_SELECT_OPTIONAL//--non-unique/}; } [[ ${SELECT_OPTIONAL} =~ ("-M"|"--no-create-home") ]] || { [[ -d "${ROOTFS}${HOME_DIR_SELECT_USERNAME}" ]] || ARG_SELECT_OPTIONAL+=" --create-home"; } [[ ${SELECT_OPTIONAL} =~ ("-N"|"--no-user-group") ]] || { [[ -z ${SELECT_GROUP} ]] && ARG_SELECT_OPTIONAL+=" --user-group"; } - eval ${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_OPTIONAL} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME} &>/dev/null; STATUS=$? + eval ${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_OPTIONAL} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME}; STATUS=$? [[ ${STATUS} -eq 0 ]] || { echo "WARNING: Attempt 1 to use 'useradd ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_OPTIONAL} ${SELECT_USERNAME}' failed, try attempt 2"; \ - eval ${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME} &>/dev/null; STATUS=$?; } + eval ${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME}; STATUS=$?; } [[ ${STATUS} -eq 0 ]] || { echo "WARNING: Attempt 2 to use 'useradd ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${SELECT_USERNAME}' failed, try attempt 3"; \ - eval ${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME} &>/dev/null; STATUS=$?; } + eval ${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME}; STATUS=$?; } [[ ${STATUS} -eq 0 ]] || { echo "WARNING: Attempt 3 to use 'useradd ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${SELECT_USERNAME}' failed, try attempt 4"; \ - eval 
${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_UID} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME} &>/dev/null; STATUS=$?; } + eval ${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_UID} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME}; STATUS=$?; } [[ ${STATUS} -eq 0 ]] || { echo "WARNING: Attempt 4 to use 'useradd ${ARG_SELECT_UID} ${SELECT_USERNAME}' failed, try attempt 5"; \ - eval ${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME} &>/dev/null; STATUS=$?; } + eval ${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME}; STATUS=$?; } [[ ${STATUS} -eq 0 ]] || { echo "WARNING: Attempt 5 to use 'useradd ${SELECT_USERNAME}' failed, try attempt 6"; \ - eval ${CMD_CHROOT} /usr/bin/useradd ${SELECT_USERNAME} &>/dev/null; STATUS=$?; } + eval ${CMD_CHROOT} /usr/bin/useradd ${SELECT_USERNAME}; STATUS=$?; } [[ ${STATUS} -eq 0 ]] || { echo "ERROR: Attempt 6 to use 'useradd ${SELECT_USERNAME}' failed, exit"; return 1; } elif [[ -x ${ROOTFS}/usr/bin/busybox ]]; then # busybox adduser 
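Review bot: All six `eval ${CMD_CHROOT} /usr/bin/useradd …` lines touched here still re-parse `${ARG_SELECT_GECOS}`, `${ARG_SELECT_OPTIONAL}`, `${ARG_SELECT_PASSWORD}` and `${SELECT_USERNAME}` as shell text, so any shell metacharacter in a configured value is interpreted by the shell instead of being handed to useradd as data. Since every one of these lines is being edited anyway, the arguments could be collected in an array and the command run without `eval`, in the form `${CMD_CHROOT} /usr/bin/useradd "${USERADD_ARGS[@]}" "${SELECT_USERNAME}"`. The `ARG_*` variables are assembled outside this hunk, so how they embed quoting today needs checking before the change. The two `eval … /usr/bin/usermod` lines in the following hunk have the same shape.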
@@ -445,9 +451,9 @@ exec_03_useradd(){
 [[ ${SELECT_OPTIONAL} =~ ("-o"|"--non-unique") ]] && [[ -n ${ARG_SELECT_UID} ]] && ARG_SELECT_OPTIONAL+=" --non-unique"
 [[ ${SELECT_OPTIONAL} =~ ("--shell "|"-s ")([^' ']*)(' '|$) ]] && ARG_SELECT_OPTIONAL+=" --shell ${BASH_REMATCH[2]}"
 [[ ${SELECT_OPTIONAL} =~ ("--home-dir "|"-d ")([^' ']*)(' '|$) ]] && ARG_SELECT_OPTIONAL+=" --home ${BASH_REMATCH[2]} --move-home"
- eval ${CMD_CHROOT} /usr/bin/usermod ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_OPTIONAL} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME} &>/dev/null; STATUS=$?
+ eval ${CMD_CHROOT} /usr/bin/usermod ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_OPTIONAL} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME}; STATUS=$?
 [[ ${STATUS} -eq 0 ]] || { echo "WARNING: Attempt 1 to use 'usermod ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_OPTIONAL} ${SELECT_USERNAME}' failed, try attempt 2"; \
- eval ${CMD_CHROOT} /usr/bin/usermod ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME} &>/dev/null; STATUS=$?; }
+ eval ${CMD_CHROOT} /usr/bin/usermod ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME}; STATUS=$?; }
 [[ ${STATUS} -eq 0 ]] || { echo "ERROR: Attempt 2 to use 'usermod ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME}' failed, exit"; return 1; }
 elif [[ -x ${ROOTFS}/usr/bin/busybox ]]; then
 true
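Review bot: The final `ERROR: Attempt 2 to use 'usermod …'` message interpolates `${ARG_SELECT_PASSWORD}`, whereas the WARNING messages in this function leave it out. That variable is built outside the hunk and presumably carries the password option with the account's hash, so a failed usermod would write it to the console or boot log. Dropping it from the message matches the other attempts: `echo "ERROR: Attempt 2 to use 'usermod ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${SELECT_USERNAME}' failed, exit"`.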
@@ -464,16 +470,18 @@ exec_03_useradd(){ # Задаём параметры пароля пользователю /etc/shadow из USERSHADOW[user]. Только если запущено отдельно с параметром. [[ -n ${PARAM} && -n ${USERSHADOW[${SELECT_USERNAME}]} ]] && exec_04_usershadow "USERSHADOW[${SELECT_USERNAME}]=${USERSHADOW[${SELECT_USERNAME}]}" # Проверим права на домашний каталог пользователя совпадают с указанным польователем, если нет, то переназначим - GET_UID_GID_HOME=$(${CMD_CHROOT} /usr/bin/stat -c "%U:%G" ${HOME_DIR_SELECT_USERNAME}) - GET_UID_GID_SELECT="$(${CMD_CHROOT} /usr/bin/id -u ${SELECT_USERNAME}):$(${CMD_CHROOT} /usr/bin/id -g ${SELECT_GROUP:-${SELECT_USERNAME}})" - if [[ -d ${ROOTFS}${HOME_DIR_SELECT_USERNAME} && ${GET_UID_GID_HOME} != ${GET_UID_GID_SELECT} ]]; then - eval ${CMD_CHROOT} /usr/bin/chown -f -h "${SELECT_USERNAME}:" \ - $(${CMD_CHROOT} find ${HOME_DIR_SELECT_USERNAME} -maxdepth 1 -printf '"%p"\n') \ - $(cat ${ROOTFS}/etc/xdg/user-dirs.defaults 2>/dev/null | grep -v "^\s*#" | sed -E "s|.*=(.*)|${HOME_DIR_SELECT_USERNAME}/\1|") \ - $(cat ${ROOTFS}${HOME_DIR_SELECT_USERNAME}/.config/user-dirs.dirs 2>/dev/null | grep -v "^\s*#"| sed -E "s|.*HOME/(.*)|${HOME_DIR_SELECT_USERNAME}/\"\1|") - ARG_RECURSIVE="-hRP" - eval ${CMD_CHROOT} /usr/bin/chown -f ${ARG_RECURSIVE} "${SELECT_USERNAME}:" \ - $(${CMD_CHROOT} find ${HOME_DIR_SELECT_USERNAME} -maxdepth 1 -name ".*" -printf '"%p"\n') + if [[ -d ${ROOTFS}${HOME_DIR_SELECT_USERNAME} ]]; then + GET_UID_GID_HOME=$(${CMD_CHROOT} /usr/bin/stat -c "%U:%G" ${HOME_DIR_SELECT_USERNAME}) + GET_UID_GID_SELECT="$(${CMD_CHROOT} /usr/bin/id -u ${SELECT_USERNAME} 2>/dev/null):$(${CMD_CHROOT} /usr/bin/id -g ${SELECT_GROUP:-${SELECT_USERNAME}} 2>/dev/null)" + if [[ ${GET_UID_GID_HOME} != ${GET_UID_GID_SELECT} ]]; then + eval ${CMD_CHROOT} /usr/bin/chown -f -h "${SELECT_USERNAME}:" \ + $(${CMD_CHROOT} find ${HOME_DIR_SELECT_USERNAME} -maxdepth 1 -printf '"%p"\n') \ + $(cat ${ROOTFS}/etc/xdg/user-dirs.defaults 2>/dev/null | grep -v "^\s*#" | sed -E 
"s|.*=(.*)|${HOME_DIR_SELECT_USERNAME}/\1|") \ + $(cat ${ROOTFS}${HOME_DIR_SELECT_USERNAME}/.config/user-dirs.dirs 2>/dev/null | grep -v "^\s*#"| sed -E "s|.*HOME/(.*)|${HOME_DIR_SELECT_USERNAME}/\"\1|") + ARG_RECURSIVE="-hRP" + eval ${CMD_CHROOT} /usr/bin/chown -f ${ARG_RECURSIVE} "${SELECT_USERNAME}:" \ + $(${CMD_CHROOT} find ${HOME_DIR_SELECT_USERNAME} -maxdepth 1 -name ".*" -printf '"%p"\n') + fi fi else echo "INFO: The user '${SELECT_USERNAME}' exists in the system, the settings are not applied. To force the settings, enable the '[users] USERADD_SYNC[${SELECT_USERNAME}]=boot' option" @@ -640,7 +648,7 @@ exec_05_groupadd(){ sed "/GROUPADD\[${SELECT_GROUP}\]=/d" -i "${FILE_ROOT_USERS}" echo "GROUPADD[${SELECT_GROUP}]='${GROUPADD[${SELECT_GROUP}]}'" >> ${FILE_ROOT_USERS} fi - [[ -f "${SYSCONF}/users" ]] && sed -E "s/(GROUPADD\[${SELECT_GROUP}\]=[\'\"]?)([^:]*:[^:]*:[^:]*:[^:]*:)[^\'\"]*([\'\"]?)/\1\2\3/g" -i -i "${SYSCONF}/users" + [[ -f "${SYSCONF}/users" ]] && sed -E "s/(GROUPADD\[${SELECT_GROUP}\]=[\'\"]?)([^:]*:[^:]*:[^:]*:[^:]*:)[^\'\"]*([\'\"]?)/\1\2\3/g" -i "${SYSCONF}/users" fi IFS=: read -r SELECT_USERS SELECT_GID SELECT_OPTIONAL SELECT_ADMINISTRATORS SELECT_PASSWORD NULL <<< "${GROUPADD[${SELECT_GROUP}]}" [[ ${SELECT_USERS} == "x" ]] && unset SELECT_USERS @@ -726,8 +734,8 @@ exec_05_groupadd(){ LIST_GROUPADD_NOGID+="groupadd_local ${SELECT_GROUP}; " fi done 3< <(printf "%s\n" "${!GROUPADD[@]}") - eval "${LIST_GROUPADD_GID}" - eval "${LIST_GROUPADD_NOGID}" + [[ -n ${LIST_GROUPADD_GID} ]] && eval "${LIST_GROUPADD_GID}" + [[ -n ${LIST_GROUPADD_NOGID} ]] && eval "${LIST_GROUPADD_NOGID}" elif [[ ${COMMAND} == @("set-="|"set--="|"remove") ]]; then if [[ ${PARAM%%=*} =~ ^.*'['(.*)']' ]]; then SELECT_GROUP=${BASH_REMATCH[1]} diff --git a/ublinux/templates/ublinux-data.ini b/ublinux/templates/ublinux-data.ini index ef55551..3467fc1 100644 --- a/ublinux/templates/ublinux-data.ini +++ b/ublinux/templates/ublinux-data.ini 
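Review bot: The two `chown` calls inside the new `if [[ -d … ]]` block are still wrapped in `eval`, and their arguments come from `find -printf '"%p"\n'` and from `${HOME_DIR_SELECT_USERNAME}/.config/user-dirs.dirs`, that is, from file names and file content the account owner can write, so that text is re-parsed by the shell with the privileges of this script. Handing the paths to `chown` as plain arguments (via `find … -exec`) removes the re-parse, and entries taken from user-dirs.dirs should be checked to resolve inside the home directory before their ownership is changed. Separately, the guard compares `stat -c "%U:%G"` (names) with `id -u`/`id -g` (numbers), so it looks like it can never be equal and the chown runs on every pass; `%u:%g` would make the comparison meaningful. exec_03_useradd starts and ends outside this hunk.

```shell
GET_UID_GID_HOME=$(${CMD_CHROOT} /usr/bin/stat -c "%u:%g" "${HOME_DIR_SELECT_USERNAME}")
# … unchanged: GET_UID_GID_SELECT from id -u / id -g …
if [[ "${GET_UID_GID_HOME}" != "${GET_UID_GID_SELECT}" ]]; then
    # find hands each path to chown as one argument, so names are never re-parsed
    ${CMD_CHROOT} find "${HOME_DIR_SELECT_USERNAME}" -maxdepth 1 \
        -exec /usr/bin/chown -f -h "${SELECT_USERNAME}:" {} +
    # … user-dirs.defaults / user-dirs.dirs entries: read into an array, keep only
    #   paths that resolve under the home directory, pass them quoted to chown -f -h …
    ${CMD_CHROOT} find "${HOME_DIR_SELECT_USERNAME}" -maxdepth 1 -name ".*" \
        -exec /usr/bin/chown -f -hRP "${SELECT_USERNAME}:" {} +
fi
```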
@@ -234,10 +234,18 @@ SERVICES_ENABLE=dbus-broker,NetworkManager,sshd,systemd-swap,cups,cockpit.socket ## USERSHADOW[superadmin]=18009:0:120:7:14: ## Синхронизация пользователей системы /etc/passwd и их параметры /etc/shadow с глобальной конфигурацией +## USERADD_SYNC='boot,shutdown,shutdown@all,shutdown@users,shutdown@systems,shutdown@-,shutdown@' +## shutdown # Аналогичен shutdown@users + shutdown@systems +## shutdown@all # При завершении работы системы синхронизировать всех пользователей в системе с глобальной конфигурацией +## shutdown@users # При завершении работы системы синхронизировать пользователей 1000<=UID<=6000 в системе с глобальной конфигурацией +## shutdown@systems # При завершении работы системы синхронизировать системных пользователей 500<=UID<=999 в системе с глобальной конфигурацией +## shutdown@- # При завершении работы системы синхронизировать диапазон UID пользователей в системе с глобальной конфигурацией +## shutdown@ # При завершении работы системы синхронизировать UID пользователя в системе с глобальной конфигурацией +## ## USERADD_SYNC[user_name]='boot,shutdown' ## user_name # Имя пользователя, необязательное поле. Если не указано, то применяется для всех пользователей ## boot # При загрузке системы принудительно применить глобальную конфигурацию на пользователя -## shutdown # При завершении работы системы синхронизировать указанных пользователей в системе с глобальной конфигурацией +## shutdown # При завершении работы системы синхронизировать указанного пользователя в системе с глобальной конфигурацией ## USERADD_SYNC=boot ## USERADD_SYNC[superadmin]=boot,shutdown 
@@ -258,9 +266,17 @@ SERVICES_ENABLE=dbus-broker,NetworkManager,sshd,systemd-swap,cups,cockpit.socket ## GROUPADD[g_department_2]='ob.ivanov,rv.smirnov:1001:x:superadmin,mv.rubin:$6$E7stRhRS8fCKk7UU$Qoqw62AUaUa5uLIc2KC7WV3MUThhrR8kjXtCODmnKCzKe2zHu1/wmsiWBHZEIk/IQnk/aELQYbUK93OUtrwg60' ## Синхронизация группы системы /etc/groups и их параметры /etc/gshadow с глобальной конфигурацией +## GROUPADD_SYNC='shutdown,shutdown@all,shutdown@users,shutdown@systems,shutdown@-,shutdown@' +## shutdown # Аналогичен shutdown@users + shutdown@systems +## shutdown@all # При завершении работы системы синхронизировать все группы в системе с глобальной конфигурацией +## shutdown@users # При завершении работы системы синхронизировать группы 1000<=GID<=6000 в системе с глобальной конфигурацией +## shutdown@systems # При завершении работы системы синхронизировать системные группы 500<=GID<=999 в системе с глобальной конфигурацией +## shutdown@- # При завершении работы системы синхронизировать диапазон GID групп в системе с глобальной конфигурацией +## shutdown@ # При завершении работы системы синхронизировать GID группы в системе с глобальной конфигурацией +## ## GROUPADD_SYNC[group_name]='shutdown' ## group_name # Имя группы, необязательное поле. Если не указано, то применяется для всех групп -## shutdown # При завершении работы системы синхронизировать указанные группы в системе с глобальной конфигурацией +## shutdown # При завершении работы системы синхронизировать указанную группу в системе с глобальной конфигурацией ## GROUPADD_SYNC[users]='shutdown' ## Groups for users diff --git a/ublinux/templates/ublinux-data_cn.ini b/ublinux/templates/ublinux-data_cn.ini new file mode 120000 index 0000000..77ef052 --- /dev/null +++ b/ublinux/templates/ublinux-data_cn.ini @@ -0,0 +1 @@ +ublinux-data.ini \ No newline at end of file diff --git a/ublinux/templates/ublinux-data_cn.sgn b/ublinux/templates/ublinux-data_cn.sgn new file mode 120000 index 0000000..5283580 --- /dev/null 
+++ b/ublinux/templates/ublinux-data_cn.sgn @@ -0,0 +1 @@ +ublinux-data.sgn \ No newline at end of file diff --git a/ublinux/templates/ublinux-data_de.ini b/ublinux/templates/ublinux-data_de.ini new file mode 120000 index 0000000..77ef052 --- /dev/null +++ b/ublinux/templates/ublinux-data_de.ini @@ -0,0 +1 @@ +ublinux-data.ini \ No newline at end of file diff --git a/ublinux/templates/ublinux-data_de.sgn b/ublinux/templates/ublinux-data_de.sgn new file mode 120000 index 0000000..5283580 --- /dev/null +++ b/ublinux/templates/ublinux-data_de.sgn @@ -0,0 +1 @@ +ublinux-data.sgn \ No newline at end of file diff --git a/ublinux/templates/ublinux-data_fr.ini b/ublinux/templates/ublinux-data_fr.ini new file mode 120000 index 0000000..77ef052 --- /dev/null +++ b/ublinux/templates/ublinux-data_fr.ini @@ -0,0 +1 @@ +ublinux-data.ini \ No newline at end of file diff --git a/ublinux/templates/ublinux-data_fr.sgn b/ublinux/templates/ublinux-data_fr.sgn new file mode 120000 index 0000000..5283580 --- /dev/null +++ b/ublinux/templates/ublinux-data_fr.sgn @@ -0,0 +1 @@ +ublinux-data.sgn \ No newline at end of file diff --git a/ublinux/templates/ublinux_cn.ini b/ublinux/templates/ublinux_cn.ini new file mode 120000 index 0000000..ac44f87 --- /dev/null +++ b/ublinux/templates/ublinux_cn.ini @@ -0,0 +1 @@ +ublinux.ini \ No newline at end of file diff --git a/ublinux/templates/ublinux_cn.sgn b/ublinux/templates/ublinux_cn.sgn new file mode 120000 index 0000000..40afcaa --- /dev/null +++ b/ublinux/templates/ublinux_cn.sgn @@ -0,0 +1 @@ +ublinux.sgn \ No newline at end of file diff --git a/ublinux/templates/ublinux_de.ini b/ublinux/templates/ublinux_de.ini new file mode 120000 index 0000000..ac44f87 --- /dev/null +++ b/ublinux/templates/ublinux_de.ini @@ -0,0 +1 @@ +ublinux.ini \ No newline at end of file diff --git a/ublinux/templates/ublinux_de.sgn b/ublinux/templates/ublinux_de.sgn new file mode 120000 index 0000000..40afcaa --- /dev/null +++ b/ublinux/templates/ublinux_de.sgn 
@@ -0,0 +1 @@ +ublinux.sgn \ No newline at end of file diff --git a/ublinux/templates/ublinux_fr.ini b/ublinux/templates/ublinux_fr.ini new file mode 120000 index 0000000..ac44f87 --- /dev/null +++ b/ublinux/templates/ublinux_fr.ini @@ -0,0 +1 @@ +ublinux.ini \ No newline at end of file diff --git a/ublinux/templates/ublinux_fr.sgn b/ublinux/templates/ublinux_fr.sgn new file mode 120000 index 0000000..40afcaa --- /dev/null +++ b/ublinux/templates/ublinux_fr.sgn @@ -0,0 +1 @@ +ublinux.sgn \ No newline at end of file