Bug#400683: [Pkg-shadow-devel] Bug#400683: passwd: useradd creates users with spaces in usernames

Paul Visscher paulv at canonical.org
Tue Nov 28 21:02:19 UTC 2006


Christian Perrier [bubulle at debian.org] said:
> > paulv at malloc [08:47 AM] [0] ~$ sudo useradd " foo"
> > paulv at malloc [08:47 AM] [0] ~$ sudo userdel " foo"
> > userdel: user  foo does not exist
>
> *that* could be considered a bug but another one...Either one in
> useradd because it allows creating users with leading spaces in their
> usernames....or one in userdel for not being able to remove such
> users..:)

This actually is a bigger problem than userdel, I think.
shadow-4.0.3/src/userdel.c says:

    user_name = argv[argc - 1];
    if (!(pwd = getpwnam (user_name))) {
        fprintf (stderr,
                 _("%s: user %s does not exist\n"),
                 Prog, user_name); exit (E_NOTFOUND);
    }

So it looks like the problem with spaces is in getpwnam():

paulv at malloc [03:27 PM] [2] ~$ cat getpwnam.c
#include <sys/types.h>
#include <pwd.h>
#include <stdio.h>

int main() {
  struct passwd *bar;

  bar = getpwnam(" foo");

  if (bar == NULL) {
    printf("user ' foo' not found\n");
  } 
}
paulv at malloc [03:27 PM] [2] ~$ gcc getpwnam.c -o getpwnam
paulv at malloc [03:27 PM] [2] ~$ ./getpwnam 
user ' foo' not found

> Sure, but then what do you expect us to do? If support for usernames
> with spaces is removed, your autocreation script will fail
> anyway. Seems that the only solution for you is avoiding spaces in
> usernames in the Novell server or hack your user creation scripts to
> replace spaces by underscores.

Oh, I'm sorry, I wasn't being very clear. None of our Novell usernames
have any spaces in them. There is a bug in (I believe) libpam-ncp where
when " foo" logs in, it asks Novell for "foo"'s password, and then
creates a user named " foo". I think somewhere in libpam-ncp (or maybe
on the Novell server, I don't know anything about Novell) the spaces are
getting stripped out.

The full problem is this. You probably don't care about all the details,
which is fine, but hopefully explaining it in this detail will help
explain why I think this is a bug and that it is one that should be
fixed.

  * You make a typo and log in to the system as " foo". Novell sees the
    user " foo" as "foo" and tells libpam-ncp authentication was
    successful. libpam-ncp creates a user named " foo" with the uid and
    gid of 1005. 

  * As part of the gnome login process, gnome creates files in /tmp
    based on your username. It asks getpw* what " foo"'s username is and
    (as demonstrated above) getpw* returns "foo". It creates
    /tmp/orbit-foo/, owned by 1005:1005

  * Everything works fine.

  * The next day, you do not make a typo and log in as "foo". libpam-ncp
    creates a user named "foo" with the uid and gid of 1006.

  * gnome asks getpw* what your username is, and checks to see if
    /tmp/orbit-foo/ exists. It does.

  * gnome tries to write files in /tmp/orbit-foo/. It fails because
    1005:1005 owns /tmp/orbit-foo/ and you are 1006:1006.

  * gnome doesn't know what to do, so it displays a bunch of cryptic
    errors to the user, and nothing works correctly.

There are probably a lot of solutions to this, like cleaning files out
of /tmp when a user logs out, or fixing gnome to be more robust. But
fundamentally I think spaces in the username are a bad idea, especially
given getpwnam()'s behavior.

--paulv
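
Added example, not part of the original message and not shadow's own code: a C check that rejects a name such as " foo" before an account is created, plus a scan of passwd-format text for such names that already exist. The accepted pattern, the 32-character limit, the function names, and the home directories and shells in the sample lines are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

#define MAX_NAME_LEN 32 /* assumed limit, not taken from the thread */

/* Assumed rule: [a-z_][a-z0-9_-]*, 1..MAX_NAME_LEN characters, so any
 * leading, trailing or embedded whitespace is rejected. */
int valid_user_name(const char *name)
{
    size_t len = name ? strlen(name) : 0;
    if (len == 0 || len > MAX_NAME_LEN)
        return 0;
    for (size_t i = 0; i < len; i++) {
        char c = name[i];
        int ok = (c >= 'a' && c <= 'z') || c == '_' ||
                 (i > 0 && ((c >= '0' && c <= '9') || c == '-'));
        if (!ok)
            return 0;
    }
    return 1;
}

/* Count passwd(5)-format lines whose name field fails the rule. */
int count_invalid_entries(const char *passwd_text)
{
    int bad = 0;
    for (const char *line = passwd_text; *line; ) {
        const char *eol = strchr(line, '\n');
        size_t linelen = eol ? (size_t)(eol - line) : strlen(line);
        const char *colon = memchr(line, ':', linelen);
        size_t namelen = colon ? (size_t)(colon - line) : linelen;
        char name[MAX_NAME_LEN + 2];
        if (namelen > MAX_NAME_LEN + 1)
            namelen = MAX_NAME_LEN + 1; /* too long, so it stays invalid */
        memcpy(name, line, namelen);
        name[namelen] = '\0';
        if (linelen > 0 && !valid_user_name(name)) {
            printf("invalid user name: '%s'\n", name);
            bad++;
        }
        line += linelen + (eol ? 1 : 0);
    }
    return bad;
}

/* Constructed sample: the two accounts from the scenario in the message. */
static const char SAMPLE_PASSWD[] =
    " foo:x:1005:1005::/home/foo:/bin/sh\n"
    "foo:x:1006:1006::/home/foo:/bin/sh\n";
int main(void) { return count_invalid_entries(SAMPLE_PASSWD) == 1 ? 0 : 1; }
```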