On Sat, Apr 02, 2005 at 10:07:26PM +0300, Alexander Gattin wrote: > On Thu, Mar 31, 2005 at 03:21:05AM +0200, Tomasz KÅoczko wrote: > > On Thu, 31 Mar 2005, Nicolas [iso-8859-1] FranÃois wrote: > > [..] > > > * the implementation from RedHat, which seems reasonable to me. (maybe > > > we should not allow usernames starting with a '-'). > > Consider what most tools (from coreutils/shadow/adduser > etc.) will think about "-h" or "--verbose" username? :))
I've just tried it, the Debian's useradd allows much funnier user names: # useradd '`ls /`' # getent passwd '`ls /`' `ls /`:x:1042:100::/home/`ls /`: And it also allows brain damaged admins to use `rm -rf /` as a username (she will then have to check twice her command lines that use this user ;). > > > useradd will still be much more permissive than adduser, but some > > > reasonable checks will be performed. > > > The RedHat equivalent regex is "^[a-zA-Z_][a-zA-Z0-9_-.]*\$?$" > > > > About using "." in username: tru use "chown user.name <file>". > > Good contr-example. ;-) chown uses an heuristic algorithm to handle this. It is probably something like: * if the "user.name" user exist and there is either no "user" user or no "name" group, then the user is set to "user.name". (this works, I just tested it) * if there is no "user.name" and the "user" user and the "name" group both exist, then the user is set to "user" and the group set to "name" * otherwise, I don't know what happens, but it seems reasonable to just display a warning (I didn't check). IIRC, this modification was performed to be POSIX compliant, without breaking all existing scripts. Regarding upper cases, I remember a discussion about using "Debian-*" users for some packages administrative users (for exim, IIRC). I'm not sure this discussion ended. It could resurface after Sarge. I could find this thread, but I think it was also discussed earlier: http://lists.debian.org/debian-devel/2005/02/msg00226.html Best Regards, -- Nekral
