Description of problem: When an account is locked with lusermod --lock and later unlocked with lusermod --unlock The account is still not working. The account was originally encoded with SMD5 (according to openldap). Maybe libuser is only suited for certain encodings? I have crypt_style=md5 in the config.
Thanks for your report. This happens with LDAP, right? libuser supports only {crypt}; {smd5}xxx would be treated as a plain-text password and re-encrypted before locking. The next release of libuser (after the F11 translation deadline) will report an error instead of re-encrypting LDAP passwords in that way. If you use libuser to change passwords, it will always use {crypt}; to support other schemes, libuser should probably support RFC3062 (although that doesn't support locking/unlocking accounts at all). Patches accepted :)