[Pkg-shadow-devel] Allowing dots in usernames
Scott Garman
scott.a.garman at intel.com
Tue Dec 6 02:26:02 UTC 2011
On 12/05/2011 12:00 PM, Nicolas François wrote:
> The issues with dots is that is is (or used to be) used by chown as a
> separator between user and group.
> This issue can be relaxed because chown has good heuristics if I remember
> correctly.
> (I would still expect issues if the users and groups foo, foo.bar,
> bar.baz, foo.bar.baz, and baz exist and chown is called with foo.bar.baz)
>
>
> However in general for this issue, this part of libmisc/chkname.c is
> patched by all distributions (I do on Debian, it's done on Fedora, etc.)
> Therefore, I intend in the future to let the naming rule configurable (my
> current idea is to forbid only what would badly break the database, and
> have a blacklist / whitelist of characters, maybe with different lists for
> the first character).
> But I have currently no idea when the future will be.
>
> For your information, the current restrictions on Debian are:
> ':' -> field separator
> ',' -> member separator for groups
> '\n' -> entry separator
> ' ' -> can be confusing for options
> '\t' -> likewise
> '-' -> used for NIS as first character
> can be confusing for command line parsing
> '+' -> used for NIS as first character
> '~' -> used for expansion by shells
>
> (this was agreed on Debian to have very relaxed rules for useradd, but
> stricter rules in adduser)
Thanks so much for the clarification! We'll keep an eye on changes in
future versions should the configurable rule feature get added.
Regards,
Scott
--
Scott Garman
Embedded Linux Engineer - Yocto Project
Intel Open Source Technology Center
More information about the Pkg-shadow-devel
mailing list