Bug#408148: [Adduser-devel] Bug#408148: adduser: Wrong failure message on invalid group name.

Stephen Gran sgran at debian.org
Wed Jan 24 03:03:42 CET 2007 

This one time, at band camp, Joerg Hoh said:
> Marc, this anomality still exists:
> 
> --------
> 
> joerg at hydra ~ $ LANG=C sudo addgroup 'a:a'
> addgroup: To avoid problems, the username should consist only of
> letters, digits, underscores, periods, at signs and dashes, and not start
> with
> a dash (as defined by IEEE Std 1003.1-2001). For compatibility with Samba
> machine accounts $ is also supported at the end of the username
> joerg at hydra ~ $ LANG=C sudo addgroup 'a_a'
> addgroup: Please enter a username matching the regular expression
> configured
> via the NAME_REGEX configuration variable.  Use the `--force-badname'
> option to relax this check or reconfigure NAME_REGEX.

The first one (a:a) _should_ fail, at least for now.  /etc/passwd style
files just won't cope with a user or group name with a : in them.  LDAP
or other backends will be more graceful, and when adduser supports
seperate backends, we can consider it.

The second one fails because of this:
steve at gashuffer:~$ grep name_regex AdduserCommon.pm
  $configref->{"name_regex"} = "^[a-z][-a-z0-9]*\$";

I am not convinced yet that this is wrong behavior.  Adduser seems to
have two failure modes: we will not allow this (a:a), and we will not
allow this without --force-badname (a_a).  I am not convinced that a_a
is that bad a username, but the seperate handling is appropriate, and
should only be changed after some discussion.  My personal inclination
is to add an underscore to the list of characters allowed in the second
block of the regex (i.e., not the first character of the name), but I
don't have a strong opinion on the matter.
-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran at debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/adduser-devel/attachments/20070124/5ad430af/attachment.pgp

More information about the Adduser-devel mailing list