Bug#1014450: usernames have a 32 character limit
On Wed, 2022-07-13 at 23:09 +0200, Marc Haber wrote: > On Wed, Jul 13, 2022 at 04:50:20PM -0400, Matt Barry wrote: > > On Wed, 2022-07-13 at 22:44 +0200, Marc Haber wrote: > > > On Wed, Jul 06, 2022 at 12:32:16PM +0200, Marc Haber wrote: > > > > the useradd documentation says that a user name has a 32 > > > > character > > > > limit. We should enforce this as well. > > > > > > Matt, would you want to take a quick plunge at this as well? > > > You're > > > still deeply acquained with the entire name checking stuff > > > anyway. > > > > Sure. There actually is a test for this, and it passes (ie. fails > > in > > every instance, for a 33 character name) - I think because useradd > > fails? We might as well check it though, I'll take a look. > > If we are ok with erroring out with a useradd error message, and the > output is not offensively ugly, I'm fine with that, and we can just > close this bug as fixed in 3.122. I am not emotional about this. I would apply that patch at some point; it isn't urgent, but it is cleaner.
Bug#1014450: usernames have a 32 character limit
On Wed, 2022-07-13 at 23:11 +0200, Marc Haber wrote: > On Wed, Jul 13, 2022 at 04:50:20PM -0400, Matt Barry wrote: > > There actually is a test for this, and it passes (ie. fails in > > every instance, for a 33 character name) > > Does it also fail reasonably prettily for a < 32 character UTF-8 name > that is > 32 bytes when encoded? (new patch) /h/d/adduser $ sudo adduser adduser: Usernames must be no more than 32 bytes in length; note that if you are using Unicode characters, the character limit will be less than 32. In the 3.121, the IEEE check will squash it. In 3.22: ~/h/d/adduser $ sudo adduser --allow-all-names Allowing use of questionable username. Adding user `' ... Adding new group `' (1023) ... groupadd: '' is not a valid group name adduser: `/sbin/groupadd -g 1023 ' returned error code 3. Exiting. so, not ideal, but it does error.
Bug#1014450: usernames have a 32 character limit
On Wed, Jul 13, 2022 at 04:50:20PM -0400, Matt Barry wrote: > There actually is a test for this, and it passes (ie. fails in > every instance, for a 33 character name) Does it also fail reasonably prettily for a < 32 character UTF-8 name that is > 32 bytes when encoded? Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Bug#1014450: usernames have a 32 character limit
On Wed, Jul 13, 2022 at 04:50:20PM -0400, Matt Barry wrote: > On Wed, 2022-07-13 at 22:44 +0200, Marc Haber wrote: > > On Wed, Jul 06, 2022 at 12:32:16PM +0200, Marc Haber wrote: > > > the useradd documentation says that a user name has a 32 character > > > limit. We should enforce this as well. > > > > Matt, would you want to take a quick plunge at this as well? You're > > still deeply acquained with the entire name checking stuff anyway. > > Sure. There actually is a test for this, and it passes (ie. fails in > every instance, for a 33 character name) - I think because useradd > fails? We might as well check it though, I'll take a look. If we are ok with erroring out with a useradd error message, and the output is not offensively ugly, I'm fine with that, and we can just close this bug as fixed in 3.122. I am not emotional about this. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Bug#1014450: usernames have a 32 character limit
On Wed, 2022-07-13 at 22:44 +0200, Marc Haber wrote: > Hi, > > On Wed, Jul 06, 2022 at 12:32:16PM +0200, Marc Haber wrote: > > the useradd documentation says that a user name has a 32 character > > limit. We should enforce this as well. > > Matt, would you want to take a quick plunge at this as well? You're > still deeply acquained with the entire name checking stuff anyway. Sure. There actually is a test for this, and it passes (ie. fails in every instance, for a 33 character name) - I think because useradd fails? We might as well check it though, I'll take a look. mb signature.asc Description: This is a digitally signed message part
Bug#1014450: usernames have a 32 character limit
Hi, On Wed, Jul 06, 2022 at 12:32:16PM +0200, Marc Haber wrote: > the useradd documentation says that a user name has a 32 character > limit. We should enforce this as well. Matt, would you want to take a quick plunge at this as well? You're still deeply acquained with the entire name checking stuff anyway. Greetings Marc
Bug#1014450: usernames have a 32 character limit
Package: adduser Version: 3.121 Severity: normal Hi, the useradd documentation says that a user name has a 32 character limit. We should enforce this as well. In useradd, this seems to apply to the UTF-8 representation of the user name, that is, aa (two unaccented and 16 accented characters) is too long while aaäää (two unaccented and 15 accented characters) is not. So putting this restriction inside our regular expressions is not going to help. Maybe it's just ok to let useradd enforce this? Currently this seems to work ok, but it looks like a train wreck: root@salida-unstable-buildd-amd64-ydvv:/srv# adduser --system abcdefghijabcdefghijabcdefghijabc Adding system user `abcdefghijabcdefghijabcdefghijabc' (UID 101) ... Adding new user `abcdefghijabcdefghijabcdefghijabc' (UID 101) with group `nogroup' ... useradd: invalid user name 'abcdefghijabcdefghijabcdefghijabc': use --badname to ignore adduser: `/usr/sbin/useradd -r -K SYS_UID_MIN=100 -K SYS_UID_MAX=999 -d /home/abcdefghijabcdefghijabcdefghijabc -g nogroup -s /usr/sbin/nologin -u 101 abcdefghijabcdefghijabcdefghijabc' returned error code 3. Exiting. root@salida-unstable-buildd-amd64-ydvv:/srv# adduser --system abcdefghijabcdefghijabcdefghijab Adding system user `abcdefghijabcdefghijabcdefghijab' (UID 101) ... Adding new user `abcdefghijabcdefghijabcdefghijab' (UID 101) with group `nogroup' ... Creating home directory `/home/abcdefghijabcdefghijabcdefghijab' ... Greetings Marc -- System Information: Debian Release: bookworm/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'stable-security'), (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.18.8-zgws1 (SMP w/12 CPU threads; PREEMPT) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), LANGUAGE=en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages adduser depends on: ii debconf [debconf-2.0] 1.5.79 ii passwd 1:4.11.1+dfsg1-2 adduser recommends no packages. Versions of packages adduser suggests: ii cron3.0pl1-144 ii liblocale-gettext-perl 1.07-4+b2 ii perl5.34.0-4 -- debconf information excluded