On Mon, Jul 10, 2017 at 4:41 PM, Lennart Poettering <lenn...@poettering.net> wrote: > On Mon, 10.07.17 15:58, Lennart Poettering (lenn...@poettering.net) wrote: > >> On Mon, 10.07.17 15:16, Jan Synacek (jsyna...@redhat.com) wrote: >> >> > On Mon, Jul 10, 2017 at 12:42 PM, Lennart Poettering >> > <lenn...@poettering.net> wrote: >> > > Now, because this is so weakly defined, we hence do not follow POSIX >> > > rules, but filter out more that might be dangerous. Specifically: >> > > >> > > 1. We do not permit empty usernames >> > > 2. We don't permit the first character to be numeric >> > > (This also filters out fully numeric user names) >> > > 3. We do not permit dots in usernames, neither at the beginning nor in >> > > the middle. >> > > 4. We do not permit "-" at the beginning of usernames (something which >> > > POSIX explicitly suggests, btw) >> > > 5. We require that the user name fits in the utmp user name field, so >> > > that we can always log properly about it. >> > >> > Is this documented somewhere? If not, it would be great to have it >> > documented. I'm pretty sure that this exact paragraph would be ok. >> >> There's a longer (and not entirely complete) comment about this in the >> sources, but other than that it's not explicitly documented. >> >> If you prep a patch that adds this to the User=/Group= man page, this >> would certainly be welcome. However, it should be reworded, as we >> shouldn't say "We" there, and probably drop explicit references to >> POSIX and utmp there, and instead just dryly state the accepted >> character set + minimum and maximum string lengths. > > I have posted a PR documenting this just now: > > https://github.com/systemd/systemd/pull/6321
Thanks for the fast response! -- Jan Synacek Software Engineer, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel