Hi, thanks for the response, I give update information below. Στις 24-07-2011, ημέρα Κυρ, και ώρα 14:22 +0100, ο/η Stephen Gran έγραψε: > ... > > # check user and group names also against this regular expression. > > - -#NAME_REGEX="^[a-z][-a-z0-9_]*\$" > > +#NAME_REGEX="^[a-z][-a-z0-9_]*\$?$" > > This can't be fixing it, the default is commented out. > The patch was made against the file (adduser.conf) that the package ships. It is shipped with NAME_REGEX commented out (ie check disabled). But if you uncomment it, thus enabling the check, then the bug appears.
However, since the package ships the file with the test disabled by default, I could not send a patch that enables the test by default. Thus I sent a patch that corrects the bug when someone decides to enable the test, which is IMHO the right way to patch in such a situation. > > ... > > Γίνεται εγκατάσταση hal (0.5.14-3) ... > ... > I wonder if this is a locale specific problem. Can you try (in a > chroot, whatever), installing haldaemon with a default config for > adduser to try to reproduce it? I am curious if it will succeed if you > then set LANG=C and install it again. I suspect it will install. If > this is the case, can you let me know? The default config of adduser will certainly install the package since it has the (optional) test disabled. The problem appears when the test is enabled. And it is not package-specific, nor locale-specific, based on the outcomes of the following tests (full results are presented as annex to the end): i) add a user from the command line, with NAME_REGEX uncommented and set to its default (shipped with the package) value: ^[a-z][-a-z0-9_]*\$ i-a) with my system's default locale: adduser foo --> error adduser foo$ --> ok i-b) with the C locale: LC_ALL=C adduser bar --> error LC_ALL=C adduser bar$ --> ok ii) grep a list of names with perl regular expressions enabled (since adduser is written in perl and NAME_REGEX is a perl regex). Although I present only the C locale case, the results where identical in my system's default locale also. ii-a) with the default value: ^[a-z][-a-z0-9_]*\$ --> error ii-b) with the value of the patch: ^[a-z][-a-z0-9_]*\$?$ --> ok iii) do the same as ii using a perl program instead of grep. Same remarks apply. iii-a) with the default value: ^[a-z][-a-z0-9_]*\$ --> error iii-b) with the value of the patch: ^[a-z][-a-z0-9_]*\$?$ --> ok As a final note, the default value (^[a-z][-a-z0-9_]*\$) simply does not look ok when someone reads the code of the 'checkname' sub in adduser executable (lines 864-886 as shipped with the adduser-3.112+nmu2 package). The string in line 868 states that \$ is only allowed at the end of user names for compatibility with Samba machines accounts. However, the default regex does not allow it as optional at the end but instead it *requires* it to exist after at least one lowercase letter and any combination of lowercase letters, numbers, dashes and underscores. This is certainly a bug, because apart from requiring an $ character to appear in the name it also allows *any* other character after the $, even invalid ones. The ?$ that the patch adds at the end of the value makes the \$ optional and ensures it will be (if present) the last character in the name (see also Annex B at the end of the message). I am at your disposal if you need additional information, the full results of the tests follow. regards George Zarkadas ANNEX A - FULL TEST RESULTS ------------------------------------------------ i) add a user from the command line, with NAME_REGEX uncommented and set to its default (shipped with the package) value: ^[a-z][-a-z0-9_]*\$ EXPECTED OUTCOME: all tried user names should be accepted. i-a) with my system's default locale: root@freedom:/etc# adduser foo adduser: Please enter a username matching the regular expression configured via the NAME_REGEX configuration variable. Use the `--force-badname' option to relax this check or reconfigure NAME_REGEX. root@freedom:/etc# adduser foo$ Adding user `foo$' ... Adding new group `foo$' (1004) ... Adding new user `foo$' (1004) with group `foo$' ... Creating home directory `/home/foo$' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: το συνθηματικό ενημερώθηκε επιτυχώς Αλλαγή πληροφοριών χρήστη για τον foo$ Εισάγετε την νέα τιμή, ή πιέστε ENTER για την προκαθορισμένη Πλήρες όνομα []: Αριθμός δωματίου []: Τηλέφωνο Εργασίας []: Τηλέφωνο Οικίας []: Άλλο []: Is the information correct? [Y/n] y Adding new user `foo$' to extra groups ... Adding user `foo$' to group `cdrom' ... Adding user `foo$' to group `floppy' ... Adding user `foo$' to group `audio' ... Adding user `foo$' to group `video' ... Adding user `foo$' to group `plugdev' ... Adding user `foo$' to group `fuse' ... Adding user `foo$' to group `users' ... i-b) with the C locale: root@freedom:/etc# LC_ALL=C adduser bar adduser: Please enter a username matching the regular expression configured via the NAME_REGEX configuration variable. Use the `--force-badname' option to relax this check or reconfigure NAME_REGEX. root@freedom:/etc# LC_ALL=C adduser bar$ Adding user `bar$' ... Adding new group `bar$' (1005) ... Adding new user `bar$' (1005) with group `bar$' ... Creating home directory `/home/bar$' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for bar$ Enter the new value, or press ENTER for the default Full Name []: Room Number []: Work Phone []: Home Phone []: Other []: Is the information correct? [Y/n] y Adding new user `bar$' to extra groups ... Adding user `bar$' to group `cdrom' ... Adding user `bar$' to group `floppy' ... Adding user `bar$' to group `audio' ... Adding user `bar$' to group `video' ... Adding user `bar$' to group `plugdev' ... Adding user `bar$' to group `fuse' ... Adding user `bar$' to group `users' ... RESULT: the most simple names foo,bar were rejected (error); only the foo$,bar$ names accepted. ------------------------------------------------ ii) grep a list of names with perl regular expressions enabled. EXPECTED OUTCOME: The third and sixth name should not be accepted, all others should pass. ii-a) with the default value: ^[a-z][-a-z0-9_]*\$ root@freedom:/etc# (cat << "EOF" foo foo$ foo$a a_50-50_ a-50_50-$ aNaccepted EOF ) | LC_ALL=C grep -P '^[a-z][-a-z0-9_]*\$' foo$ foo$a a-50_50-$ RESULT: third name is included (error); first and fourth names are not included (error). ii-b) with the value of the patch: ^[a-z][-a-z0-9_]*\$?$ root@freedom:/etc# (cat << "EOF" foo foo$ foo$a a_50-50_ a-50_50-$ aNaccepted EOF ) | LC_ALL=C grep -P '^[a-z][-a-z0-9_]*\$?$' foo foo$ a_50-50_ a-50_50-$ RESULT: correct. ------------------------------------------------ iii) do the same as ii using a perl program instead of grep. Same remarks apply. EXPECTED OUTCOME: The third and sixth name should not be accepted, all others should pass. iii-a) with the default value: ^[a-z][-a-z0-9_]*\$ root@freedom:/etc# (cat << "EOF" foo foo$ foo$a a_50-50_ a-50_50-$ aNaccepted EOF ) | LC_ALL=C perl -nle 'm/^[a-z][-a-z0-9_]*\$/ && print' foo$ foo$a a-50_50-$ RESULT: third name is included (error); first and fourth names are not included (error). iii-b) with the value of the patch: ^[a-z][-a-z0-9_]*\$?$ root@freedom:/etc# (cat << "EOF" foo foo$ foo$a a_50-50_ a-50_50-$ aNaccepted EOF ) | LC_ALL=C perl -nle 'm/^[a-z][-a-z0-9_]*\$?$/ && print' foo foo$ a_50-50_ a-50_50-$ RESULT: correct. ANNEX B - ONE MORE TEST ABOUT ALLOWANCE FOR INVALID NAMES Again first is the default value, second the proposed patch. EXPECTED OUTCOME: No invalid user name should pass. root@freedom:/etc# (cat << "EOF" foo foo$ foo$aGAIN fo$$*&%#@ a${ENV/*//myfile} aNaccepted EOF ) | LC_ALL=C perl -nle 'm/^[a-z][-a-z0-9_]*\$/ && print' foo$ foo$aGAIN fo$$*&%#@ a${ENV/*//myfile} root@freedom:/etc# (cat << "EOF" foo foo$ foo$aGAIN fo$$*&%#@ a${ENV/*//myfile} aNaccepted EOF ) | LC_ALL=C perl -nle 'm/^[a-z][-a-z0-9_]*\$?$/ && print' foo foo$ RESULT: default regex allows invalid names; patched regex not.
signature.asc
Description: This is a digitally signed message part