Subject: Re: useradd: warn about unusual login names
To: Hubert Feyrer <email@example.com>
From: Alistair Crooks <firstname.lastname@example.org>
Date: 11/23/2001 10:48:02
On Fri, Nov 23, 2001 at 04:35:27AM +0100, Hubert Feyrer wrote:
> Next round! This does
> * implement warnings close to Solaris 8:
> - print a warning if the login name is non-standard (see documentation
> for what's considered "standard")
> - print a warning on all-uppercase login names
> - print a warning if the first char of the login name is not a letter
> * update documentation to describe what a "standard" login is
> * use shquote(3), with it's own implementation for <1.6
> * follow the idea to give the administrator the rope he asks for
> Suggestions for improvement welcome, else I'll look into committing this
> soonish. Thanks!
You still haven't provided justification for these changes. Why is it
necessary to use the same name on NetBSD as it is on the foreign OS?
The changes to validlogin are not comprehensive enough. An admin
must not be able to enter usernames containing any of the regexp:
[:/^H^?^W] The use of '-' as a leading character will mean that
the user is unable to login. The use of '+' as a leading character
*SHOULD* be OK, but I haven't looked at the code. Likewise using
the '#' character anywhere in the username.
And now to another consideration: if you want NetBSD to co-exist
in a network of NIS machines, what happens then to your brand, spanking
new ' ' and '$'-enabled usernames when yppasswd gets a hold of them?
How do I enter a username with embedded ',' characters into a netgroup?
And you must address the other problem that was brought up (by
Lucio de Re?, sorry, I forget) - what happens if your changes cause
a bad passwd file to be constructed - how do you propose to recover
I'd be much happier if you told us what problem you're trying to
I'm quite happy for some of the restrictions that we currently have
to be relaxed, but this must be done in a controlled and logical