Re: Adding users with first.last name

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Sep 07, 2004 at 02:48:21PM -0500, Tommy Reynolds wrote:
....
> Accepting a dot as part of the username is a new-ish POSIX change and
> not all parts of Linux are happy with it.  AFAIK, useradd(8) has a
> bug in its name validation.  Other utilities, such as chown(1),
> should be OK.

Caution:
Chown understands
      chown user.group
  and
      chown user:group

If you have a user first.last and last maps to a group some things can
be confusing.  For the most part the match of user is done first and
things work but not exactly as expected.

Limit yourself to chown with a : and if you understand this you should
be fine 99%.

Also pay attention to cap letters as noted in the man page for the
passwd file (man 5 passwd) where 
       account: the name of the user on the
       system.  It should not contain capital letters.

Also establish policy limits to the length of a user name.  Linux
keeps user IDs as numbers in the guts of the system and converts
names to numbers and numbers to names in a modest list of
places. However if a data base, or other application gets in the game
there is a risk of a string overflow when the string is manipulated in
other contexts.

For a point of history I did see this in an old sunos man page.
   #include <limits.h>
   LOGNAME_MAX    8        /* max # of characters in  a  login  name */

And in Linux I see:
  /usr/include/w3c-libwww/wwwsys.h:#define HT_LOGNAME_MAX  64
  /usr/include/bits/posix1_lim.h:#define  _POSIX_LOGIN_NAME_MAX   9
  /usr/include/bits/local_lim.h:#define LOGIN_NAME_MAX     256

The first.middle.last looks like a 'nice' thing but because '.' is 
magic in regular expressions it has been excluded for a long time
in Unix history.

Also watch out for user.tla where the tla might map to some MIME type
that virus software and more might filter.  Some executive might want
bill.exe as a user name or the comptroller of the company might want
clinton.com.

My preference is for a shortish simple ID in the passwd file and leave
interesting stuff like first.last as an alias in /etc/aliases.


-- 
	T o m  M i t c h e l l 
	In the USA, be informed, Vote Nov 2004.
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux