Summary: | sys-apps/shadow: diverges from upstream to allow dots in usernames | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Michał Górny <mgorny> |
Component: | Current packages | Assignee: | Gentoo's Team for Core System packages <base-system> |
Status: | CONFIRMED --- | ||
Severity: | normal | CC: | pam-bugs+disabled, qa |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=623532 https://bugs.gentoo.org/show_bug.cgi?id=22920 | ||
Description
Michał Górny
2017-10-18 20:50:27 UTC
IEEE Std 1003.1-2008, http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_437 says:

3.437 User Name
A string that is used to identify a user; see also User Database. To be portable across systems conforming to POSIX.1-2008, the value is composed of characters from the portable filename character set. The <hyphen-minus> character should not be used as the first character of a portable user name.

Since the full stop is a valid character of the portable filename character set, I don't see a strong reason for us to change it, especially because such a change would break existing installations.

The question to ask is rather why upstream deviates from POSIX and does not allow full stops in user names? (They do allow underscores and hyphens, though.)

Thanks for opening this bug, since I was proposing that we open useradd even more to support full POSIX, via https://github.com/gentoo/gentoo/pull/5978.

Your major point seems to be about portability. So I'll talk about portability. But if you are simply saying that Gentoo should always strictly follow upstream then I'll stop (which doesn't seem to be the case as I have seen patches in other packages).

In the particular CVE you linked, regardless of whether systemd escalating to root when it can't recognize a user name is a good idea, I think it's a good example of how software should put stricter constraints such that the config files written for their package are easily portable. But I can't say that for an OS. Ultimately it's in the admin's hands what user names they want to use, and they should be responsible for passing user names in the format the software they use requires, systemd, for example. At the OS level, we shouldn't limit how the admin wants to name their users.

Many software packages, unlike systemd, have been implemented/updated to allow POSIX-compliant names. And most major Linux distros I checked, Ubuntu, Debian, Fedora, RHEL, CentOS, all allow POSIX, too.

So a Windows Active Directory user, for example, could easily migrate their AD user names to a Linux distro, without having to convert all upper case letters in them into lower case. One of my users is doing this and got broken on our Gentoo-based Linux.

I don't know why shadow upstream doesn't follow POSIX, but another important package, coreutils, has been updated to follow POSIX. But since the username regex in upstream shadow hasn't been changed in more than ten years and many other Linux distros have been maintaining their patches for nearly as long, I am not sure how likely it will be to convince upstream.
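An added example, not part of the bug thread or of shadow's code: a small C checker that classifies account names against the POSIX 3.437 definition quoted above and against a stricter rule of the kind the thread describes (no full stops, no upper case). The strict pattern `[a-z_][a-z0-9_-]*`, the function names and the sample names are assumptions made for illustration; an admin could run such a check over existing accounts to see which names stricter software may reject.

```c
#include <stdio.h>

/* POSIX portable filename character set: A-Z a-z 0-9 . _ - */
static int in_portable_set(char c)
{
    return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') ||
           (c >= '0' && c <= '9') || c == '.' || c == '_' || c == '-';
}

/* POSIX 3.437: portable-set characters only; a leading '-' ("should not
 * be used") is treated as a rejection here. Empty names are rejected. */
int is_posix_portable_name(const char *name)
{
    if (name[0] == '\0' || name[0] == '-')
        return 0;
    for (const char *p = name; *p; p++)
        if (!in_portable_set(*p))
            return 0;
    return 1;
}

/* ASSUMED stricter rule, [a-z_][a-z0-9_-]*: no dots, no upper case,
 * no leading digit. Not copied from shadow's source. */
int is_strict_name(const char *name)
{
    if (!((name[0] >= 'a' && name[0] <= 'z') || name[0] == '_'))
        return 0;
    for (const char *p = name + 1; *p; p++)
        if (!((*p >= 'a' && *p <= 'z') || (*p >= '0' && *p <= '9') ||
              *p == '_' || *p == '-'))
            return 0;
    return 1;
}

/* 0 = not POSIX-portable, 1 = POSIX-only, 2 = accepted by both rules */
int classify_name(const char *name)
{
    if (!is_posix_portable_name(name))
        return 0;
    return is_strict_name(name) ? 2 : 1;
}

int main(void)
{
    /* Constructed sample names, not taken from the bug report. */
    const char *samples[] = { "john.doe", "JSmith", "build_bot", "-x", "web admin", "7zip-svc" };
    const char *label[] = { "not POSIX-portable", "POSIX-only (strict tools may reject)", "accepted by both" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++)
        printf("%-10s %s\n", samples[i], label[classify_name(samples[i])]);
    return 0;
}
```

Names in the middle class are the ones that matter for this bug: valid for a POSIX-following useradd, but a risk wherever a consumer of the name applies a narrower pattern.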