# args: <group> [options]
_addgroup() {
	if ! getent group "$1" >/dev/null; then
		groupadd "$@" >/dev/null
	fi
}

# args: <group> [options]
_adduser() {
	if ! getent passwd "$1" >/dev/null; then
		useradd "$@" >/dev/null
	fi
}

post_upgrade() {
	_addgroup optical -g 93
	_addgroup audio   -g 92
	_addgroup video   -g 91
	_addgroup floppy  -g 94
	_addgroup storage -g 95
	_addgroup log     -g 19
	_addgroup utmp    -g 20
	_addgroup power   -g 98
	_addgroup network -g 90
	_addgroup games   -g 50
	_addgroup uucp    -g 14
	_addgroup http    -g 33
	_adduser  http    -u 33 -d /srv/http -g http -s /bin/false
	_addgroup scanner -g 96
	_addgroup rfkill  -g 24
	_addgroup lock    -g 54
	_addgroup uuidd   -g 68
	_adduser uuidd    -u 68 -d / -g uuidd -s /sbin/nologin
	_addgroup dbus    -g 81
	_adduser dbus     -u 81 -d / -g dbus -s /sbin/nologin
	_addgroup systemd-journal -g 190

	# sync gshadow to group (fixes FS#19869)
	if ! grep -q '^lock:' etc/gshadow; then
		grpconv >/dev/null
	fi

	if ! grep -q '^include /etc/ld.so.conf.d/\*.conf$' etc/ld.so.conf; then
		echo 'include /etc/ld.so.conf.d/*.conf' >> etc/ld.so.conf
	fi

	# set "Last password change" > 0; otherwise su $user wont work
	for user in bin daemon mail ftp http nobody; do
		if LANG=C chage -l ${user} | grep -q 'password must be changed'; then
			chage -d 14871 ${user}
		fi
	done
}