Patrick Williams | 92b42cb | 2022-09-03 06:53:57 -0500 | [diff] [blame] | 1 | From b182c52d63bea0f08e1befcec5c3797dd97cdef5 Mon Sep 17 00:00:00 2001 |
| 2 | From: Alexander Kanavin <alex@linutronix.de> |
| 3 | Date: Tue, 16 Aug 2022 13:46:22 +0200 |
| 4 | Subject: [PATCH] shadow: use relaxed usernames |
| 5 | |
| 6 | The groupadd from shadow does not allow upper case group names, the |
| 7 | same is true for the upstream shadow. But distributions like |
| 8 | Debian/Ubuntu/CentOS has their own way to cope with this problem, |
| 9 | this patch is picked up from CentOS release 7.0 to relax the usernames |
| 10 | restrictions to allow the upper case group names, and the relaxation is |
| 11 | POSIX compliant because POSIX indicate that usernames are composed of |
| 12 | characters from the portable filename character set [A-Za-z0-9._-]. |
| 13 | |
| 14 | Upstream-Status: Submitted [https://github.com/shadow-maint/shadow/pull/551] |
| 15 | |
| 16 | Signed-off-by: Shan Hai <shan.hai@windriver.com> |
| 17 | Signed-off-by: Alexander Kanavin <alex@linutronix.de> |
| 18 | --- |
| 19 | libmisc/chkname.c | 29 ++++++++++++++++++----------- |
| 20 | man/groupadd.8.xml | 6 ------ |
| 21 | man/useradd.8.xml | 6 ------ |
| 22 | 3 files changed, 18 insertions(+), 23 deletions(-) |
| 23 | |
| 24 | diff --git a/libmisc/chkname.c b/libmisc/chkname.c |
| 25 | index cb002a14..c0306c5a 100644 |
| 26 | --- a/libmisc/chkname.c |
| 27 | +++ b/libmisc/chkname.c |
| 28 | @@ -32,21 +32,28 @@ static bool is_valid_name (const char *name) |
| 29 | } |
| 30 | |
| 31 | /* |
| 32 | - * User/group names must match [a-z_][a-z0-9_-]*[$] |
| 33 | - */ |
| 34 | - |
| 35 | - if (('\0' == *name) || |
| 36 | - !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) { |
| 37 | + * User/group names must match gnu e-regex: |
| 38 | + * [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]? |
| 39 | + * |
| 40 | + * as a non-POSIX, extension, allow "$" as the last char for |
| 41 | + * sake of Samba 3.x "add machine script" |
| 42 | + */ |
| 43 | + if ( ('\0' == *name) || |
| 44 | + !((*name >= 'a' && *name <= 'z') || |
| 45 | + (*name >= 'A' && *name <= 'Z') || |
| 46 | + (*name >= '0' && *name <= '9') || |
| 47 | + (*name == '_') || (*name == '.') |
| 48 | + )) { |
| 49 | return false; |
| 50 | } |
| 51 | |
| 52 | while ('\0' != *++name) { |
| 53 | - if (!(( ('a' <= *name) && ('z' >= *name) ) || |
| 54 | - ( ('0' <= *name) && ('9' >= *name) ) || |
| 55 | - ('_' == *name) || |
| 56 | - ('-' == *name) || |
| 57 | - ( ('$' == *name) && ('\0' == *(name + 1)) ) |
| 58 | - )) { |
| 59 | + if (!( (*name >= 'a' && *name <= 'z') || |
| 60 | + (*name >= 'A' && *name <= 'Z') || |
| 61 | + (*name >= '0' && *name <= '9') || |
| 62 | + (*name == '_') || (*name == '.') || (*name == '-') || |
| 63 | + (*name == '$' && *(name + 1) == '\0') |
| 64 | + )) { |
| 65 | return false; |
| 66 | } |
| 67 | } |
| 68 | diff --git a/man/groupadd.8.xml b/man/groupadd.8.xml |
| 69 | index 26671f92..3eacaa09 100644 |
| 70 | --- a/man/groupadd.8.xml |
| 71 | +++ b/man/groupadd.8.xml |
| 72 | @@ -63,12 +63,6 @@ |
| 73 | values from the system. The new group will be entered into the system |
| 74 | files as needed. |
| 75 | </para> |
| 76 | - <para> |
| 77 | - Groupnames must start with a lower case letter or an underscore, |
| 78 | - followed by lower case letters, digits, underscores, or dashes. |
| 79 | - They can end with a dollar sign. |
| 80 | - In regular expression terms: [a-z_][a-z0-9_-]*[$]? |
| 81 | - </para> |
| 82 | <para> |
| 83 | Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long. |
| 84 | </para> |
| 85 | diff --git a/man/useradd.8.xml b/man/useradd.8.xml |
| 86 | index c7f95b47..e056d141 100644 |
| 87 | --- a/man/useradd.8.xml |
| 88 | +++ b/man/useradd.8.xml |
| 89 | @@ -691,12 +691,6 @@ |
| 90 | the user account creation request. |
| 91 | </para> |
| 92 | |
| 93 | - <para> |
| 94 | - Usernames must start with a lower case letter or an underscore, |
| 95 | - followed by lower case letters, digits, underscores, or dashes. |
| 96 | - They can end with a dollar sign. |
| 97 | - In regular expression terms: [a-z_][a-z0-9_-]*[$]? |
| 98 | - </para> |
| 99 | <para> |
| 100 | Usernames may only be up to 32 characters long. |
| 101 | </para> |
| 102 | -- |
| 103 | 2.30.2 |
| 104 | |