On 03/05/2025 at 04:48, Holger Wansing wrote:
Am 2. Mai 2025 23:18:14 MESZ schrieb Cyril Brulebois <k...@debian.org>:
Pascal Hambourg <pas...@plouf.fr.eu.org> (2025-05-02):
Otherwise, I guess everyone agrees that user-setup cannot be left as
is. A workaround may be to call adduser with the username in --comment
to make sure the user account is created, and set the actual full name
with chfn -f ?
I have no opinion on what adduser should do (enforce limits or not,
which ones, etc.) but I would really hate it it we were basically
limited to offering ASCII usernames from d-i.
IMHO we are somewhat forced to follow adduser's rules here:
Like kibi, I would be very disappointed if d-i allowed only ASCII in the
full name.
being not consistent with adduser makes things even more worse (means:
for the first user created during installation there would be other
restrictions regarding allowed characters than for later created users).
The following observation may mitigate this statement:
- adduser does not restrict characters in the full name when run in
interactive mode (i.e. without --gecos/--comment).
- adduser is broadly used in non-interactive mode by package scripts to
create/remove system users only.
- adduser may be used in non-interactive mode as a back-end by
higher-level user management tools. For example gnome-system-tools
user-admin graphical front-end seems to use system-tools-backends which
calls adduser with an empty --gecos (deprecated, bug#1104622 submitted)
field and sets the full name with usermod -c which allows non-ASCII.
This is similar to the workaround I suggested above.
And I read above, that only ASCII characters are allowed in adduser,
and given this is still true, why not follow that path?
adduser maintainer Marc Haber admitted that the current regex is overly
tight and it should allow UTF-8 (except control characters).
