| View previous topic :: View next topic |
| Author |
Message |
DawgG
l33t
Joined: 17 Sep 2003
Posts: 878
|
 Posted: Wed Apr 20, 2016 1:20 pm Post subject: define allowed format of usernames - login.defs does not wrk |
 |
|
on my systems i need usernames in the format
NN.NNN.NNN-N
(N=0-9)
useradd won't accept usernames in this format and /etc/login.defs has no setting for the allowed format/chars. Adding the entry CHARACTER_CLASS produces a configuration error (i tried shadow with and without USE="pam")
How to change the allowed format of the usernames?
THX for your help!
_________________
DUMM KLICKT GUT. |
|
| Back to top |
|
 |
Syl20
l33t
Joined: 04 Aug 2005
Posts: 621
Location: France
|
| Posted: Wed Apr 20, 2016 1:33 pm Post subject: |
|
|
You can't set a username beginning with a number. And, even if you could, it's a really bad idea, as some shell commands are able to play with usernames and UIDs/GIDs indifferently.
You can't set a username containing a dot (period) character. And, even if you could, it's a really bad idea, as some shell commands are able to use it as a separator. |
|
| Back to top |
|
|
DawgG
l33t
Joined: 17 Sep 2003
Posts: 878
|
| Posted: Wed Apr 20, 2016 1:47 pm Post subject: |
|
|
| Quote: | | You can't set a username beginning with a number. And, even if you could, |
yes, you can, just not with useradd.
| Quote: | | You can't set a username containing a dot (period) character. |
try
| Quote: | | it's a really bad idea, as some shell commands are able to use it as a separator. |
i know that but it was not my question.
_________________
DUMM KLICKT GUT. |
|
| Back to top |
|
|
guitou
Guru
Joined: 02 Oct 2003
Posts: 534
Location: France
|
| Posted: Wed Apr 20, 2016 3:22 pm Post subject: |
|
|
| Can't you simply try and change your requested username format to something more suitable, like prefixing with USER, or even U, and replacing dots with underscores? Would be simple using regular expressions. |
|
| Back to top |
|
|
khayyam
Watchman
Joined: 07 Jun 2012
Posts: 6227
Location: Room 101
|
| Posted: Wed Apr 20, 2016 3:54 pm Post subject: |
|
|
DawG ...
forget about login.defs, shadow defines the following match:
| libmisc/chkname.c: | | * User/group names must match [a-z_][a-z0-9_-]*[$] |
... but it's not shadow but pam that is handling what happens when useradd is run, I'd suspect pam_unix or pam_permit. So, I would search there, or the pam docs.
best ... khay |
|
| Back to top |
|
|
Chiitoo
Administrator
Joined: 28 Feb 2010
Posts: 2784
Location: Here and Away Again
|
|
| Back to top |
|
|
DawgG
l33t
Joined: 17 Sep 2003
Posts: 878
|
| Posted: Fri Apr 22, 2016 9:46 am Post subject: changed function in shadow - can be done now |
|
|
THX to all for your help!
i bluntly changed the function in libmisc/chkname.c (in shadow) to return true (instread of false) in the case of such a username, emerged it via PORTDIR_OVERLAY and now this can be done.
(of course it's not good, smart, etc, but still thank you!)
_________________
DUMM KLICKT GUT. |
|
| Back to top |
|
|
|
Networking & Security
