You are not logged in.

#1 2013-06-21 21:02:52

GI Jack
Member
Registered: 2010-12-29
Posts: 92

[solved] need to make usernames with a "."(peroid) with useradd.

when I try to make a hostname with useradd, I get an invalid user name error:

$ useradd tes.t
useradd: invalid user name 'tes.t'

So far, strace'ing, and doing some research, I've found that linux itself can use "." names, if I insert the account into /etc/passwd manually, and the code that checks for valid characters in usernames is in the source code of the package "shadow", SOMEWHERE, and there is no file that useradd checks that can override the baked in default.

After hours of searching various source code files I got from shadow via makepkg -o, I cannot find the code that checks for valid characters

Its also important to use useradd to make accounts, AND use "."(peroid) names, because the machine in question has to function as part of a larger previously existing install that uses a script that syncs logins over the network, accross many *nix machines. the "." are part of the network wide username login schemes that work with previously existing linux and BSD servers.

I was able to patch the code in chckname.c

I then reuploaded the fixed package to AUR
https://aur.archlinux.org/packages/shadow-jack/

Last edited by GI Jack (2013-06-25 18:00:54)

Offline

#2 2013-06-21 21:07:51

karol
Archivist
Registered: 2009-05-06
Posts: 25,440

Re: [solved] need to make usernames with a "."(peroid) with useradd.

man useradd wrote:

Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes. They can end with a dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?

Usernames may only be up to 32 characters long.


Edit: https://lists.fedoraproject.org/piperma … 21534.html works for me:

For the example I used adduser to add "joeuser", then I used vipw to modify "joeuser" to be "joe.user" in the password and shadow files.

It appears as though adduser and useradd check to see if there is a dot and complains if there is.

Last edited by karol (2013-06-21 21:22:06)

Offline

#3 2013-06-22 02:37:47

GI Jack
Member
Registered: 2010-12-29
Posts: 92

Re: [solved] need to make usernames with a "."(peroid) with useradd.

karol wrote:

For the example I used adduser to add "joeuser", then I used vipw to modify "joeuser" to be "joe.user" in the password and shadow files.

It appears as though adduser and useradd check to see if there is a dot and complains if there is.

As I've stated in the OP, this is not an option. I need it to work with useradd, because it interfaces with a script that does automatic username mateneince/addition script that is automaticly run by a remote server via ssh.

This is part of a pre-existing setup, that is niether designed, nor maintained by myself, required for interoperbility on a larger network, of which just now, I built the first Arch Linux server.


There is no way around that I need useradd to work with "."(peroids).

Offline

#4 2013-06-22 09:01:09

karol
Archivist
Registered: 2009-05-06
Posts: 25,440

Re: [solved] need to make usernames with a "."(peroid) with useradd.

Some threads found with google suggested recompiling useradd and chown and some mention that http://stackoverflow.com/questions/6949 … and-rhel-6

Pablo Castellazzi wrote:

user{add,mod,del} are PAM aware tools, they will allow everything the underlaying pam modules allow.

I've found login_regex in adduser2.sh contrib script, but that's still not useradd.

Offline

#5 2013-06-23 22:49:28

Leonid.I
Member
From: Aethyr
Registered: 2009-03-22
Posts: 999

Re: [solved] need to make usernames with a "."(peroid) with useradd.

GI Jack wrote:

when I try to make a hostname with useradd, I get an invalid user name error:

$ useradd tes.t
useradd: invalid user name 'tes.t'

So far, strace'ing, and doing some research, I've found that linux itself can use "." names, if I insert the account into /etc/passwd manually, and the code that checks for valid characters in usernames is in the source code of the package "shadow", SOMEWHERE, and there is no file that useradd checks that can override the baked in default.

After hours of searching various source code files I got from shadow via makepkg -o, I cannot find the code that checks for valid characters

Look at is_valid_name() below

[lisaev@V-arch shadow-4.1.5.1]$ cat libmisc/chkname.c
#include <config.h>

#ident "$Id: chkname.c 2828 2009-04-28 19:14:05Z nekral-guest $"

#include <ctype.h>
#include "defines.h"
#include "chkname.h"

static bool is_valid_name (const char *name)
{
	/*
	 * User/group names must match [a-z_][a-z0-9_-]*[$]
	 */
	if (('\0' == *name) ||
	    !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
		return false;
	}

	while ('\0' != *++name) {
		if (!(( ('a' <= *name) && ('z' >= *name) ) ||
		      ( ('0' <= *name) && ('9' >= *name) ) ||
		      ('_' == *name) ||
		      ('-' == *name) ||
		      ( ('$' == *name) && ('\0' == *(name + 1)) )
		     )) {
			return false;
		}
	}

	return true;
}

bool is_valid_user_name (const char *name)
{
	/*
	 * User names are limited by whatever utmp can
	 * handle.
	 */
	if (strlen (name) > USER_NAME_MAX_LENGTH) {
		return false;
	}

	return is_valid_name (name);
}

bool is_valid_group_name (const char *name)
{
	/*
	 * Arbitrary limit for group names.
	 * HP-UX 10 limits to 16 characters
	 */
	if (   (GROUP_NAME_MAX_LENGTH > 0)
	    && (strlen (name) > GROUP_NAME_MAX_LENGTH)) {
		return false;
	}

	return is_valid_name (name);
}
GI Jack wrote:

Its also important to use useradd to make accounts, AND use "."(peroid) names, because the machine in question has to function as part of a larger previously existing install that uses a script that syncs logins over the network, accross many *nix machines. the "." are part of the network wide username login schemes that work with previously existing linux and BSD servers.

So what linux distro/shadow version did you use before? I'd find this out and then use their buildscripts + patches...

Last edited by Leonid.I (2013-06-23 22:50:48)


Arch Linux is more than just GNU/Linux -- it's an adventure
pkill -9 systemd

Offline

#6 2013-06-25 18:01:27

GI Jack
Member
Registered: 2010-12-29
Posts: 92

Re: [solved] need to make usernames with a "."(peroid) with useradd.

fixed, I changed the code in C, and now it worked. It was 2 half lines of code added, see OP

Offline

#7 2013-06-26 10:19:48

Stalafin
Member
From: Berlin, Germany
Registered: 2007-10-26
Posts: 617

Re: [solved] need to make usernames with a "."(peroid) with useradd.

Just curious - is there a reason to not allow user names containing a dot? Seems an arbitrary decision unless it's a design choice other parts of the system depend on.

Offline

#8 2013-06-26 16:06:34

WonderWoofy
Member
From: Los Gatos, CA
Registered: 2012-05-19
Posts: 8,414

Re: [solved] need to make usernames with a "."(peroid) with useradd.

Stalafin wrote:

Just curious - is there a reason to not allow user names containing a dot? Seems an arbitrary decision unless it's a design choice other parts of the system depend on.

Read the thread. This was not his choice.

Offline

#9 2013-06-26 20:11:08

fledermann
Member
From: Bielefeld, Germany
Registered: 2013-06-24
Posts: 49

Re: [solved] need to make usernames with a "."(peroid) with useradd.

Stalafin wrote:

Just curious - is there a reason to not allow user names containing a dot? Seems an arbitrary decision unless it's a design choice other parts of the system depend on.

My guess: older versions of chown failed with those usernames, because the dot was used as an "owner.group" seperator. But that does sound like a weak reason.

Offline

#10 2013-06-26 21:27:04

WonderWoofy
Member
From: Los Gatos, CA
Registered: 2012-05-19
Posts: 8,414

Re: [solved] need to make usernames with a "."(peroid) with useradd.

fledermann wrote:
Stalafin wrote:

Just curious - is there a reason to not allow user names containing a dot? Seems an arbitrary decision unless it's a design choice other parts of the system depend on.

My guess: older versions of chown failed with those usernames, because the dot was used as an "owner.group" seperator. But that does sound like a weak reason.

Again.  Read the thread and you would have found this:

OP wrote:

This is part of a pre-existing setup, that is niether designed, nor maintained by myself, required for interoperbility on a larger network, of which just now, I built the first Arch Linux server.

Offline

#11 2013-06-26 21:29:38

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,442
Website

Re: [solved] need to make usernames with a "."(peroid) with useradd.

WW, you're reading those comments very different than me.  Stalafin was not asking why the OP needed a dot in the name, but whether there was a reason useradd didn't accept such names (not asking about OP's reasons, but about useradd's dev's reasons).  Backward compatibility with the user-group separator seems like a very likely reason why useradd would not allow this.

Last edited by Trilby (2013-06-26 21:30:11)


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#12 2013-06-26 21:39:54

WonderWoofy
Member
From: Los Gatos, CA
Registered: 2012-05-19
Posts: 8,414

Re: [solved] need to make usernames with a "."(peroid) with useradd.

Trilby wrote:

WW, you're reading those comments very different than me.  Stalafin was not asking why the OP needed a dot in the name, but whether there was a reason useradd didn't accept such names (not asking about OP's reasons, but about useradd's dev's reasons).  Backward compatibility with the user-group separator seems like a very likely reason why useradd would not allow this.

Wow, this makes a lot more sense.  Thanks for pointing that out Trilby.  Sorry for the noise.

Offline

#13 2013-07-17 18:24:16

GI Jack
Member
Registered: 2010-12-29
Posts: 92

Re: [solved] need to make usernames with a "."(peroid) with useradd.

Stalafin wrote:

Just curious - is there a reason to not allow user names containing a dot? Seems an arbitrary decision unless it's a design choice other parts of the system depend on.

I want to know why this is hard coded, and doesn't read overrides from a config file.

Offline

Board footer

Powered by FluxBB