From Jim.Pirzyk@disney.com  Thu Oct  4 13:40:38 2001
Return-Path: <Jim.Pirzyk@disney.com>
Received: from mail.disney.com (mail.disney.com [204.128.192.15])
	by hub.freebsd.org (Postfix) with ESMTP id 5050937B401
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  4 Oct 2001 13:40:38 -0700 (PDT)
Received: from Hermes10.corp.disney.com (hermes10.corp.disney.com [153.7.110.102])
	by mail.disney.com (Switch-2.2.0/Switch-2.2.0) with SMTP id f94KdZv23798
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 4 Oct 2001 13:39:35 -0700 (PDT)
Received: from [172.30.50.1] by hermes.corp.disney.com with ESMTP for FreeBSD-gnats-submit@freebsd.org; Thu, 4 Oct 2001 13:39:41 -0700
Received: from plio.fan.fa.disney.com (plio.fan.fa.disney.com [153.7.118.2])
	by pecos.fa.disney.com (8.11.3/8.11.3) with ESMTP id f94KtKs19534
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 4 Oct 2001 13:55:20 -0700 (PDT)
Received: from snoopy.fan.fa.disney.com (snoopy.fan.fa.disney.com [153.7.117.170])
	by plio.fan.fa.disney.com (8.9.2/8.9.2) with ESMTP id NAA26987
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 4 Oct 2001 13:40:36 -0700 (PDT)
	(envelope-from Jim.Pirzyk@mailhost)
Received: (from Jim.Pirzyk@localhost)
	by snoopy.fan.fa.disney.com (8.11.6/8.11.6) id f94KeaV45606;
	Thu, 4 Oct 2001 13:40:36 -0700 (PDT)
	(envelope-from Jim.Pirzyk)
Message-Id: <200110042040.f94KeaV45606@snoopy.fan.fa.disney.com>
Date: Thu, 4 Oct 2001 13:40:36 -0700 (PDT)
From: Jim Pirzyk <Jim.Pirzyk@disney.com>
Reply-To: Jim Pirzyk <Jim.Pirzyk@disney.com>
To: FreeBSD-gnats-submit@freebsd.org
Subject: /usr/sbin/adduser does not allow '.' in login name. [PATCH]
X-Send-Pr-Version: 3.113

>Number:         31049
>Category:       bin
>Synopsis:       /usr/sbin/adduser does not allow '.' in login name. [PATCH]
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    yar
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Oct 04 13:50:01 PDT 2001
>Closed-Date:    Fri Feb 15 09:35:21 PST 2002
>Last-Modified:  Fri Feb 15 09:36:07 PST 2002
>Originator:     Jim Pirzyk
>Release:        FreeBSD 4.4-RELEASE i386
>Organization:
>Environment:
System: FreeBSD snoopy 4.4-RELEASE FreeBSD 4.4-RELEASE #2: Fri Sep 21 11:16:23 PDT 2001 root@snoopy:/auto/roy/dist/pub/FreeBSD/4.4-RELEASE/sys/compile/UP_WORKSTATION i386


	
>Description:
	You cannot add a user account with a '.' in it even though a '.' is a
	valid login character per POSIX (XBDd6 section 3.426)

>How-To-Repeat:
	
>Fix:
--- adduser.perl.orig   Mon Jul 30 16:56:48 2001
+++ adduser.perl        Thu Oct  4 13:36:51 2001
@@ -309,7 +309,7 @@
     local($name);
 
     while(1) {
-       $name = &confirm_list("Enter username", 1, "a-z0-9_-", "");
+       $name = &confirm_list("Enter username", 1, "a-z0-9_-.", "");
        if (length($name) > 16) {
            warn "Username is longer than 16 chars\a\n";
            next;
@@ -322,7 +322,7 @@
 sub new_users_name_valid {
     local($name) = @_;
 
-    if ($name !~ /^[a-z0-9_][a-z0-9_\-]*$/ || $name eq "a-z0-9_-") {
+    if ($name !~ /^[a-z0-9_][a-z0-9_\-\.]*$/ || $name eq "a-z0-9_-.") {
        warn "Wrong username. " .
            "Please use only lowercase characters or digits\a\n";
        return 0;

>Release-Note:
>Audit-Trail:

From: Giorgos Keramidas <charon@labs.gr>
To: Jim Pirzyk <Jim.Pirzyk@disney.com>
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: bin/31049: /usr/sbin/adduser does not allow '.' in login name. [PATCH]
Date: Fri, 5 Oct 2001 01:45:49 +0300

 Jim Pirzyk <Jim.Pirzyk@disney.com> wrote:
 > 
 > -    if ($name !~ /^[a-z0-9_][a-z0-9_\-]*$/ || $name eq "a-z0-9_-") {
 > +    if ($name !~ /^[a-z0-9_][a-z0-9_\-\.]*$/ || $name eq "a-z0-9_-.") {
 >         warn "Wrong username. " .
 >             "Please use only lowercase characters or digits\a\n";
 
 Pleaase make that warning:
 
       warn "Wrong username. " .
           "Please use lowercase characters, digits or '_' " .
           "as the starting character, and lowercase letters, " .
           "digits, '_', '-' or '.' in the rest of the username\a\n";
 
 -giorgos
 

From: Ceri Davies <setantae@submonkey.net>
To: freebsd-gnats-submit@FreeBSD.org, Jim.Pirzyk@disney.com
Cc:  
Subject: Re: bin/31049: /usr/sbin/adduser does not allow '.' in login name. 
 [PATCH]
Date: Fri, 05 Oct 2001 10:22:48 +0100

 Even better, please make it start with "Bad username" instead of
 "Wrong username".
 
 I don't see how the username can be ``wrong'' if I'm adding the user.
 
 Ceri

From: "Yar Tikhiy" <yar@comp.chem.msu.su>
To: <freebsd-gnats-submit@FreeBSD.org>, <Jim.Pirzyk@disney.com>
Cc:  
Subject: Re: bin/31049: /usr/sbin/adduser does not allow '.' in login name. [PATCH]
Date: Thu, 11 Oct 2001 19:11:07 +0400

 Could you quote POSIX on the characters allowed in usernames?
 What characters are allowed? This question has to do with the fact
 that "adduser" and "pw" use inconsistent algorithms of validating a
 username,
 so I'd like to fix both.
 

From: Jim Pirzyk <Jim.Pirzyk@disney.com>
To: "Yar Tikhiy" <yar@comp.chem.msu.su>,
	<freebsd-gnats-submit@FreeBSD.org>
Cc:  
Subject: Re: bin/31049: /usr/sbin/adduser does not allow '.' in login name. [PATCH]
Date: Thu, 11 Oct 2001 08:51:36 -0700

 On Thursday 11 October 2001 08:11 am, Yar Tikhiy wrote:
 > Could you quote POSIX on the characters allowed in usernames?
 > What characters are allowed? This question has to do with the fact
 > that "adduser" and "pw" use inconsistent algorithms of validating a
 > username,
 > so I'd like to fix both.
 
 
 This is grom Garrett:
 
 From XBDd6 section 3.426 says:
 
 User Name
         A string that is used to identify a user; see also Section
         3.424 (on page 90). To be portable across systems conforming
         to IEEE Std 1003.1-200x, the value is composed of characters
         from the portable filename character set. The hyphen should
         not be used as the first character of a portable user name.
 
 - JimP
 
 -- 
 --- @(#) $Id: dot.signature,v 1.10 2001/05/17 23:38:49 Jim.Pirzyk Exp $
     __o   Jim.Pirzyk@disney.com ------------- pirzyk@freebsd.org
  _'\<,_   Senior Systems Engineer, Walt Disney Feature Animation 
 (*)/ (*)  
Responsible-Changed-From-To: freebsd-bugs->yar 
Responsible-Changed-By: yar 
Responsible-Changed-When: Fri Oct 12 06:21:20 PDT 2001 
Responsible-Changed-Why:  
I'll try do something about that. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=31049 
State-Changed-From-To: open->analyzed 
State-Changed-By: yar 
State-Changed-When: Wed Jan 2 10:55:04 PST 2002 
State-Changed-Why:  
Allowing '.' in usernames may break compatibility with 
older systems, NIS or Kerberos. Therefore we'd rather 
not allow that by default. 
However, a patch optionally allowing any characters in usernames 
was committed to -current. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=31049 

From: Yar Tikhiy <yar@comp.chem.msu.su>
To: "Pirzyk, Jim" <Jim.Pirzyk@disney.com>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: bin/31049: /usr/sbin/adduser does not allow '.' in login name. [PATCH]
Date: Thu, 3 Jan 2002 09:21:24 +0300

 On Wed, Jan 02, 2002 at 02:06:20PM -0800, Pirzyk, Jim wrote:
 > On Wednesday 02 January 2002 11:00 am, yar@FreeBSD.org wrote:
 > > Allowing '.' in usernames may break compatibility with
 > > older systems, NIS or Kerberos. Therefore we'd rather
 > > not allow that by default.
 > > However, a patch optionally allowing any characters in usernames
 > > was committed to -current.
 > 
 > Huh??  Why are we allowing all characters?  Seems that we
 
 It's *optional* and not enabled by default.
 
 > should allow the POSIX set of characters that are allowed, or
 > at least allow this to be configurable.  
 
 Your point looks reasonable.  What about the ``-posix'' option to adduser?
 
 -- 
 Yar

From: "Pirzyk, Jim" <Jim.Pirzyk@disney.com>
To: Yar Tikhiy <yar@comp.chem.msu.su>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: bin/31049: /usr/sbin/adduser does not allow '.' in login name. [PATCH]
Date: Thu, 3 Jan 2002 13:16:11 -0800

 On Wednesday 02 January 2002 10:21 pm, Yar Tikhiy wrote:
 > On Wed, Jan 02, 2002 at 02:06:20PM -0800, Pirzyk, Jim wrote:
 > > On Wednesday 02 January 2002 11:00 am, yar@FreeBSD.org wrote:
 > > > Allowing '.' in usernames may break compatibility with
 > > > older systems, NIS or Kerberos. Therefore we'd rather
 > > > not allow that by default.
 > > > However, a patch optionally allowing any characters in usernames
 > > > was committed to -current.
 > >
 > > Huh??  Why are we allowing all characters?  Seems that we
 >
 > It's *optional* and not enabled by default.
 >
 > > should allow the POSIX set of characters that are allowed, or
 > > at least allow this to be configurable.
 >
 > Your point looks reasonable.  What about the ``-posix'' option to adduser?
 
 Sure sounds like a good idea.  
 
 Thx
 
 - JimP
 
 -- 
 --- @(#) $Id: dot.signature,v 1.10 2001/05/17 23:38:49 Jim.Pirzyk Exp $
     __o   Jim.Pirzyk@disney.com -------------------------------------
  _'\<,_   Senior Systems Engineer, Walt Disney Feature Animation 
 (*)/ (*)  

From: Yar Tikhiy <yar@FreeBSD.org>
To: freebsd-gnats-submit@FreeBSD.org, Jim.Pirzyk@disney.com
Cc:  
Subject: Re: bin/31049: /usr/sbin/adduser does not allow '.' in login name. [PATCH]
Date: Mon, 28 Jan 2002 21:10:47 +0300

 I've just committed to -current a new solution to this old problem:
 The regular expression to check usernames against is
 now configurable. Thus every admin who knows egrep(1)
 can customize it corresponding to his needs.
 
 -- 
 Yar
State-Changed-From-To: analyzed->closed 
State-Changed-By: yar 
State-Changed-When: Fri Feb 15 09:35:21 PST 2002 
State-Changed-Why:  
The final solution committed to -current and -stable. Thanks! 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=31049 
>Unformatted:
