Subject: Login names and /etc/security
To: None <>
From: Mike M. Volokhov <>
List: tech-userlevel
Date: 11/02/2004 17:08:53

On the /etc/security, we have the following test:

if checkyesno check_passwd; then
	if ($1 !~ /^[A-Za-z0-9]([-A-Za-z0-9]*[A-Za-z0-9])*$/)
		printf "Login %s has non-alphanumeric characters.\n", $1;

But the passwd(5) man page says:

	``The login name must never begin with a hyphen (``-''); also,
	it is strongly suggested that neither upper-case characters nor
	dots (``.'') be part of the name, as this tends to confuse

Thus seems that [A-Z] testing in /etc/security violates the
recommendation, and some other allowed characters (such as "_") are not
included into expression.

Another issue is the regex itself. It allows the dash (``-'') characters
followed one each other, i.e.:


Is it a normal behaviour? Although it is not restricted by passwd(5),
but looks strange.

Therefore, possible correct regex should be as follows:


It fixes the problems described above.

And yet another question - logins names, which uses the numbers only
(for example, "0", "12345678"). It can be accepted by many systems
without any problems, but looks strange enough like as "dashed" ones.

Any comments please?