nothing bad, just wondering how to make a user name trinitAX on my gentoo system, is all. I get this: nebuchadnezzar hylafax # adduser -m trinitAX adduser: invalid user name 'trinitAX'
Interesting question .. does it work on other distro, or with the old shadow stuff .. anyone ?
as far as I know, Slackware and RedHat both allow this. Presumably, Mandrake does as well, but I can not say for certain. I can, however, be sure of Slackware... I will check on Debian and Sorcerer this evening
Az, from Slackware: nebuchadnezzar htdig # chroot /mnt/slack/ /bin/bash nebuchadnezzar:/# adduser RaCh Login name for new user []: Rachel User id for Rachel [ defaults to next available]: Initial group for Rachel [users]: Additional groups for Rachel (seperated with commas, no spaces) []: users,wheel Rachel's home directory [/home/Rachel]: Rachel's shell [/bin/bash]: Rachel's account expiry date (YYYY-MM-DD) []: OK, I'm about to make a new account. Here's what you entered so far: New login name: Rachel New UID: [Next available] Initial group: users Additional groups: users,wheel Home directory: /home/Rachel Shell: /bin/bash Expiry date: [no expiration] This is it... if you want to bail out, hit Control-C. Otherwise, press ENTER to go ahead and make the account. Making new account... Changing the user information for Rachel Enter the new value, or press return for the default Full Name []: Room Number []: Work Phone []: Home Phone []: Other []: Changing password for Rachel Enter the new password (minimum of 5, maximum of 127 characters) Please use a combination of upper and lower case letters and numbers. New password: Bad password: too short. Warning: weak password (enter it again to use it anyway). New password: Bad password: too short. Warning: weak password (enter it again to use it anyway). New password: Re-enter new password: Password changed. Done... nebuchadnezzar:/#
From Debian: nebuchadnezzar htdig # chroot /mnt/deb/ /bin/bash nebuchadnezzar:/# adduser RaCh adduser: Please enter a username consisting of a lower case letter followed by lower case letters and numbers. Use the `--force-badname' option to allow underscores, and uppercase. nebuchadnezzar:/# adduser --force-badname RaCh Allowing use of questionable username. Adding user RaCh... Adding new group RaCh (1004). Adding new user RaCh (1004) with group RaCh. Creating home directory /home/RaCh. Copying files from /etc/skel Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for RaCh Enter the new value, or press return for the default Full Name []: Room Number []: Work Phone []: Home Phone []: Other []: Is the information correct? [y/n] y nebuchadnezzar:/#
Sorcerer behaves exactly the way we do. Debian's comment on --force-badname makes me wonder though if this is some sort of security risk or something...
Hmm, ok, only spanner in the works, is that we dont have a "adduser" script, but a symlink to useradd. Is all this also true for useradd ?
good point, I will try useradd on slack and deb
On redhat 7.2: # useradd Bubbles # grep Bubbles /etc/passwd Bubbles:x:501:501::/home/Bubbles:/bin/bash capital's seem okay there.
From Debian then: nebuchadnezzar quirc # chroot /mnt/deb/ /bin/bash nebuchadnezzar:/# useradd RaCh useradd: user RaCh exists nebuchadnezzar:/# deluser RaCh Removing user RaCh... done. nebuchadnezzar:/# useradd RaCh nebuchadnezzar:/# grep !$ /etc/passwd grep RaCh /etc/passwd RaCh:x:1004:100::/home/RaCh:/bin/bash nebuchadnezzar:/#
And from Slackware: nebuchadnezzar quirc # chroot /mnt/slack/ /bin/bash nebuchadnezzar:/# deluser RaCh bash: deluser: command not found nebuchadnezzar:/# userdel !$ userdel RaCh userdel: user RaCh does not exist nebuchadnezzar:/# useradd RaCh nebuchadnezzar:/# grep !$ /etc/passwd grep RaCh /etc/passwd RaCh:x:1002:100::/home/RaCh: nebuchadnezzar:/#
It is recommended not to have uppercase usernames, because this can mess up a lot of email software that expects the names to be all lowercase.
Matthew Walker, got an URL for a document on this, perchance?
MAtthew Walker? seen my question above?
Sorry... Wasn't on the CC list. I found somewhere that mentions it. Posting the link, and the specific clip where it talks about the mailers. http://www.ocf.berkeley.edu/sysadmin-class/2002-spring/2002-03-12.html login: login names, aka usernames, are alphanumeric, 8 characters long, and unique. Windows and some Linux distributions allow for longer login names, and names which use spaces or other special characters. To insure portability between operating systems, it is practical to cater to the lowest common denominator and limit it to 8 charaters. They are case sensitive and best kept all lowercase, especially since sendmail and other mailers expect lowercase logins.
hmm, that seems unfounded though. Rachel tried sendmail-8.12.5 (her username is Rach) and it accepted it without complaint..
Well, I just know that's what I read. And it seems like good practice anyway. But maybe that's just me. Disclaimer: IANALH (I Am Not A Linux Hacker)
looking at the source, src/useradd.c generates the error message from a call to check_user_name() in libmisc/chkname.c, check_user_name() calls good_name() which looks like this: static int good_name(const char *name) /* * User/group names must match [a-z_][a-z0-9_-]* */ if (!*name || !((*name >= 'a' && *name <= 'z') || *name == '_')) return 0; while (*++name) { if (!((*name >= 'a' && *name <= 'z') || (*name >= '0' && *name <= '9') || *name == '_' || *name == '-' || (*name == '$' && *(name+1) == NULL))) return 0; } return 1; } So as you can see, useradd does not allow you to have mixed-case. I don't know if we want to patch this to allow mixed case or not. What do you think Az?
Let me interject and pose these (brief) questions and a request: 1. What are we really trying to 'fix'? 2. Is there a reasonable workaround, presuming this is really a 'problem'. 3. Is it also reasonable to ASSuME that adduser is written this way for a reason? 4. And if so, what _may_ break with this change? If a decision is made to patch adduser, can we please patch in functionality similiar to Debian's '--force-badname' instead of completely bypassing the check by default?
(thanks to rach for researching this) * slackware uses an updated shadow and exhibits our useradd's behavior * redhat (7.2) is using an old shadow which allows mixed case * debian stable is using an old shadow I personally think adjusting shadow to allow mixed case is a bad idea for two reasons: 1) patching shadow to use mixed case is akin to forking shadow itself and 2) who knows what other utils (if any) follow the new shadow conventions -- will changing shadow also involve patching any other utils which asume the new shadow conventions mean we have to patch those too? I'm gunning for this bug to be resolved as wontfix or invalid.
I am pro not changing. Nothing should break with leaving it as is, except maybe for leetness *g* On the other hand, as there are thousands of programs out there, we cannot say with surety that this change wont break one of them. In a case like this, I will rather go with security.
Fair enough :) Thanks gentlemen
bah humbug, I'd like to be able to have mixed case, I always fail to login at least once every boot jsut from force of habit, make some kinda patch and mask it in the mask file and make it ~x86 so it makes it even hard to get installed, leave a nice little disclaimer on the ebuild saying use at your own risk, ymmv, have fun!