Bug 31049

Summary: /usr/sbin/adduser does not allow '.' in login name. [PATCH]
Product: Base System Reporter: Jim.Pirzyk <Jim.Pirzyk>
Component: binAssignee: Yar Tikhiy <yar>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.4-RELEASE   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description Jim.Pirzyk 2001-10-04 21:50:01 UTC 
	You cannot add a user account with a '.' in it even though a '.' is a
	valid login character per POSIX (XBDd6 section 3.426)
Comment 1 Giorgos Keramidas 2001-10-04 23:45:49 UTC 
Jim Pirzyk <Jim.Pirzyk@disney.com> wrote:
> 
> -    if ($name !~ /^[a-z0-9_][a-z0-9_\-]*$/ || $name eq "a-z0-9_-") {
> +    if ($name !~ /^[a-z0-9_][a-z0-9_\-\.]*$/ || $name eq "a-z0-9_-.") {
>         warn "Wrong username. " .
>             "Please use only lowercase characters or digits\a\n";

Pleaase make that warning:

      warn "Wrong username. " .
          "Please use lowercase characters, digits or '_' " .
          "as the starting character, and lowercase letters, " .
          "digits, '_', '-' or '.' in the rest of the username\a\n";

-giorgos
Comment 2 setantae 2001-10-05 10:22:48 UTC 
Even better, please make it start with "Bad username" instead of
"Wrong username".

I don't see how the username can be ``wrong'' if I'm adding the user.

Ceri
Comment 3 Yar Tikhiy 2001-10-11 16:11:07 UTC 
Could you quote POSIX on the characters allowed in usernames?
What characters are allowed? This question has to do with the fact
that "adduser" and "pw" use inconsistent algorithms of validating a
username,
so I'd like to fix both.
Comment 4 Jim.Pirzyk 2001-10-11 16:51:36 UTC 
On Thursday 11 October 2001 08:11 am, Yar Tikhiy wrote:
> Could you quote POSIX on the characters allowed in usernames?
> What characters are allowed? This question has to do with the fact
> that "adduser" and "pw" use inconsistent algorithms of validating a
> username,
> so I'd like to fix both.


This is grom Garrett:

From XBDd6 section 3.426 says:

User Name
        A string that is used to identify a user; see also Section
        3.424 (on page 90). To be portable across systems conforming
        to IEEE Std 1003.1-200x, the value is composed of characters
        from the portable filename character set. The hyphen should
        not be used as the first character of a portable user name.

- JimP

-- 
--- @(#) $Id: dot.signature,v 1.10 2001/05/17 23:38:49 Jim.Pirzyk Exp $
    __o   Jim.Pirzyk@disney.com ------------- pirzyk@freebsd.org
 _'\<,_   Senior Systems Engineer, Walt Disney Feature Animation 
(*)/ (*)
Comment 5 Yar Tikhiy freebsd_committer freebsd_triage 2001-10-12 14:21:20 UTC 
Responsible Changed
From-To: freebsd-bugs->yar

I'll try do something about that.
Comment 6 Yar Tikhiy freebsd_committer freebsd_triage 2002-01-02 18:55:04 UTC 
State Changed
From-To: open->analyzed

Allowing '.' in usernames may break compatibility with 
older systems, NIS or Kerberos. Therefore we'd rather 
not allow that by default. 
However, a patch optionally allowing any characters in usernames 
was committed to -current.
Comment 7 Yar Tikhiy 2002-01-03 06:21:24 UTC 
On Wed, Jan 02, 2002 at 02:06:20PM -0800, Pirzyk, Jim wrote:
> On Wednesday 02 January 2002 11:00 am, yar@FreeBSD.org wrote:
> > Allowing '.' in usernames may break compatibility with
> > older systems, NIS or Kerberos. Therefore we'd rather
> > not allow that by default.
> > However, a patch optionally allowing any characters in usernames
> > was committed to -current.
> 
> Huh??  Why are we allowing all characters?  Seems that we

It's *optional* and not enabled by default.

> should allow the POSIX set of characters that are allowed, or
> at least allow this to be configurable.  

Your point looks reasonable.  What about the ``-posix'' option to adduser?

-- 
Yar
Comment 8 Jim.Pirzyk 2002-01-03 21:16:11 UTC 
On Wednesday 02 January 2002 10:21 pm, Yar Tikhiy wrote:
> On Wed, Jan 02, 2002 at 02:06:20PM -0800, Pirzyk, Jim wrote:
> > On Wednesday 02 January 2002 11:00 am, yar@FreeBSD.org wrote:
> > > Allowing '.' in usernames may break compatibility with
> > > older systems, NIS or Kerberos. Therefore we'd rather
> > > not allow that by default.
> > > However, a patch optionally allowing any characters in usernames
> > > was committed to -current.
> >
> > Huh??  Why are we allowing all characters?  Seems that we
>
> It's *optional* and not enabled by default.
>
> > should allow the POSIX set of characters that are allowed, or
> > at least allow this to be configurable.
>
> Your point looks reasonable.  What about the ``-posix'' option to adduser?

Sure sounds like a good idea.  

Thx

- JimP

-- 
--- @(#) $Id: dot.signature,v 1.10 2001/05/17 23:38:49 Jim.Pirzyk Exp $
    __o   Jim.Pirzyk@disney.com -------------------------------------
 _'\<,_   Senior Systems Engineer, Walt Disney Feature Animation 
(*)/ (*)
Comment 9 Yar Tikhiy freebsd_committer freebsd_triage 2002-01-28 18:10:47 UTC 
I've just committed to -current a new solution to this old problem:
The regular expression to check usernames against is
now configurable. Thus every admin who knows egrep(1)
can customize it corresponding to his needs.

-- 
Yar
Comment 10 Yar Tikhiy freebsd_committer freebsd_triage 2002-02-15 17:35:21 UTC 
State Changed
From-To: analyzed->closed

The final solution committed to -current and -stable. Thanks!