[Adduser-devel] r202 - in trunk: . debian doc

Marc Haber zugschlus@costa.debian.org
Mon, 07 Feb 2005 19:37:29 +0100 

Author: zugschlus
Date: 2005-02-07 19:37:28 +0100 (Mon, 07 Feb 2005)
New Revision: 202

Modified:
   trunk/adduser
   trunk/debian/changelog
   trunk/doc/adduser.8
   trunk/doc/adduser.conf.5
Log:
  * make username verification regexp configurable. (mh)
    Closes: #283110, #287535


Modified: trunk/adduser
===================================================================
--- trunk/adduser	2005-02-05 14:36:07 UTC (rev 201)
+++ trunk/adduser	2005-02-07 18:37:28 UTC (rev 202)
@@ -118,6 +118,7 @@
 $config{"quotauser"} = "";
 $config{"dir_mode"} = "0755";
 $config{"setgid_home"} = "no";
+$config{"name_regex"} = "^[a-z][-a-z0-9]*\$";
 
 $action = $0 eq "addgroup" ? "addgroup" : "adduser";
 
@@ -725,23 +726,24 @@
 # is name ok?
 sub checkname {
     my ($name) = @_;
-    if ($allow_badname && $name !~ /^[A-Za-z_][-_A-Za-z0-9]*\$?$/) {
+    if ($name !~ /^[-\.A-Za-z0-9]*\$?$/) {
 	print STDERR
-"$0: ",_("To avoid problems, the username should consist of a letter or
-underscore followed by letters, digits, underscores, and dashes. For
-compatibility with Samba machine accounts \$ is also supported at the
-end of the username\n");
+"$0: ",_("To avoid problems, the username should consist of
+letters, digits, underscores, periods and dashes. For compatibility with
+Samba machine accounts \$ is also supported at the end of the username\n");
 	exit 1;
     }
-    elsif ($name !~ /^[a-z][a-z0-9\-]*$/) {
-	if (!$allow_badname) {
-	    print STDERR
-"$0: ",_("Please enter a username consisting of a lower case letter
-followed by lower case letters and numbers.  Use the `--force-badname'
-option to allow underscores, and uppercase.\n");
-	    exit 1;
-	}
+    if ($name !~ qr/$config{"name_regex"}/) {
+      if ($allow_badname) {
 	print _("Allowing use of questionable username.\n") if ($verbose);
+      }
+      else {
+        print STDERR
+"$0: ",_("Please enter a username matching the regular expression configured
+via the name_regex configuration variable.  Use the `--force-badname'
+option to relax this check or reconfigure name_regex.\n");
+        exit 1;
+      }
     }
 }
 

Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2005-02-05 14:36:07 UTC (rev 201)
+++ trunk/debian/changelog	2005-02-07 18:37:28 UTC (rev 202)
@@ -1,8 +1,10 @@
 adduser (3.61) UNRELEASED; urgency=low
 
   * NOT RELEASED YET
+  * make username verification regexp configurable. (mh)
+    Closes: #283110, #287535
 
- -- Marc Haber <mh+debian-packages@zugschlus.de>  Sat,  5 Feb 2005 14:35:45 +0000
+ -- Marc Haber <mh+debian-packages@zugschlus.de>  Mon,  7 Feb 2005 17:57:56 +0000
 
 adduser (3.60) experimental; urgency=low
 

Modified: trunk/doc/adduser.8
===================================================================
--- trunk/doc/adduser.8	2005-02-05 14:36:07 UTC (rev 201)
+++ trunk/doc/adduser.8	2005-02-07 18:37:28 UTC (rev 202)
@@ -181,14 +181,12 @@
 SSH RSA keys, but not using password authentification.
 .TP
 .B \-\-force\-badname
-By default, user and group names are required to consist of a
-lowercase letter followed by zero or more lowercase letters or numbers. Dashes
-in user and group names are accepted as well.
-This option forces
+By default, user and group names are checked against a configurable
+regular expression. This option forces
 .B adduser
 and 
 .B addgroup
-to be more lenient.
+to apply only a weak check for validity of the name.
 .TP
 .B \-\-gecos GECOS
 Set the gecos field for the new entry generated.  adduser will not ask

Modified: trunk/doc/adduser.conf.5
===================================================================
--- trunk/doc/adduser.conf.5	2005-02-05 14:36:07 UTC (rev 201)
+++ trunk/doc/adduser.conf.5	2005-02-07 18:37:28 UTC (rev 202)
@@ -104,6 +104,12 @@
 \fBQUOTAUSER\fP
 If set to a nonempty value, new users will have quotas copied from
 that user.  The default is empty.
+.TP
+\fBUSER_REGEX\fB
+User names are checked against this regular expression. If the name
+doesn't match this regexp, user creation is refused unless
+--force-badname is set. With --force-badname set, only weak checks are
+performed. The default is the most conservative ^[a-z][-a-z0-9]*\$.
 .SH FILES
 .I /etc/adduser.conf
 .SH SEE ALSO