Bug#1101196: installation-reports: Trixie Installer fails to create first user when full name contains non-ASCII characters and spaces

Sat, 29 Mar 2025 17:44:22 -0700 

Hi,

David <bouncingc...@gmail.com> (2025-03-29):
> (I am not the maintainer, just an observer)
> 
> Thank you for your work on Debian!
> 
> The discussion on this bug so far seems to have not noticed that
> there was recent discussion on the debian-devel mailing list about
> this topic.
> 
> Approximately 40 messages beginning in November 2024:
>   https://lists.debian.org/debian-devel/2024/11/msg00250.html
> Approximately 60 messages continuing in December 2024:
>   https://lists.debian.org/debian-devel/2024/12/msg00012.html

Thanks for the pointer, but a discussion on debian-devel@ isn't exactly
an explanation for becoming overly strict, especially if it isn't quite
self-explanatory in the changelog. As far as I understand the git
history, that strictness was implemented in 3.138, and the best I could
find was the following:

  * adapt adduser to more strict user name checking now enforced by
    useradd. This unfortunately meant to disable some more of our tests.

which doesn't quite capture what's happening.

Maybe I'm just misunderstanding the code base and/or failing to find
proper documentation, that's entirely possible.

Moreover, useradd(8) mentions:

       -c, --comment COMMENT
           Any text string. It is generally a short description of the account,
           and is currently used as the field for the user's full name.

While adduser(8) has:

       --comment comment
              Set  the comment field for the new entry generated.  adduser will
              not ask for the information if this option is given.  This  field
              is also known under the name GECOS field and contains information
              that  is  used  by  the  finger(1)  command.  This used to be the
              --gecos option, which is deprecated and will be removed after De‐
              bian bookworm.  Valid modes: adduser, adduser --system.

Neither of those mentions any restrictions, nor a way to bypass them.

There are a number of options to allow bad or even all names, but that's
a very different logic and doesn't apply to the comment sanitization.


Side note for user-setup, we should apparently migrate from --gecos to
--comment at some point, but that doesn't change the way things are
managed, both set $new_comment as a string via GetOptions.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)            <https://debamax.com/>
D-I release manager -- Release team member -- Freelance Consultant

Attachment: signature.asc
Description: PGP signature

Reply via email to