[src/trunk]: src add a check_passwd_permin_nonalpha option, which changes the...

[jdolecek <jdolecek%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/b585c7b6686c
branches:  trunk
changeset: 573695:b585c7b6686c
user:      jdolecek <jdolecek%NetBSD.org@localhost>
date:      Sat Feb 05 15:26:37 2005 +0000

description:
add a check_passwd_permin_nonalpha option, which changes the passwd
test to permit non-alphanumeric characters in login names

diffstat:

 etc/defaults/security.conf     |   3 ++-
 etc/security                   |  12 +++++++++---
 share/man/man5/security.conf.5 |   9 +++++++--
 3 files changed, 18 insertions(+), 6 deletions(-)

diffs (84 lines):

diff -r 95ca8f90a1e0 -r b585c7b6686c etc/defaults/security.conf
--- a/etc/defaults/security.conf        Sat Feb 05 14:55:44 2005 +0000
+++ b/etc/defaults/security.conf        Sat Feb 05 15:26:37 2005 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: security.conf,v 1.13 2004/09/28 15:03:58 erh Exp $
+#      $NetBSD: security.conf,v 1.14 2005/02/05 15:26:37 jdolecek Exp $
 #
 # /etc/defaults/security.conf --
 #      default configuration of /etc/security.conf
@@ -38,5 +38,6 @@
 check_passwd_nowarn_shells="/sbin/nologin /usr/libexec/uucp/uucico"
 check_passwd_nowarn_users=""
 check_passwd_permit_star=NO
+check_passwd_permit_nonalpha=NO
 max_loginlen=8
 max_grouplen=8
diff -r 95ca8f90a1e0 -r b585c7b6686c etc/security
--- a/etc/security      Sat Feb 05 14:55:44 2005 +0000
+++ b/etc/security      Sat Feb 05 15:26:37 2005 +0000
@@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#      $NetBSD: security,v 1.93 2004/11/21 19:00:12 kim Exp $
+#      $NetBSD: security,v 1.94 2005/02/05 15:26:37 jdolecek Exp $
 #      from: @(#)security      8.1 (Berkeley) 6/9/93
 #
 
@@ -183,10 +183,15 @@
         # XXX: the sense of permit_star is reversed; the code works as
         # implemented, but usage needs to be negated.
        checkyesno check_passwd_permit_star && permit_star=0 || permit_star=1
+       checkyesno check_passwd_permit_nonalpha \
+                && permit_nonalpha=1 || permit_nonalpha=0
+
        awk -v "len=$max_loginlen" \
            -v "nowarn_shells_list=$check_passwd_nowarn_shells" \
            -v "nowarn_users_list=$check_passwd_nowarn_users" \
-           -v "permit_star=$permit_star" '
+           -v "permit_star=$permit_star" \
+           -v "permit_nonalpha=$permit_nonalpha" \
+       '
        BEGIN {
                while ( getline < "/etc/shells" > 0 ) {
                        if ($0 ~ /^\#/ || $0 ~ /^$/ )
@@ -216,7 +221,8 @@
                                NR;
                        next;
                }
-               if ($1 !~ /^[A-Za-z0-9]([-A-Za-z0-9]*[A-Za-z0-9])*$/)
+               if (!permit_nonalpha &&
+                   $1 !~ /^[A-Za-z0-9]([-A-Za-z0-9]*[A-Za-z0-9])*$/)
                        printf "Login %s has non-alphanumeric characters.\n",
                            $1;
                if (length($1) > len)
diff -r 95ca8f90a1e0 -r b585c7b6686c share/man/man5/security.conf.5
--- a/share/man/man5/security.conf.5    Sat Feb 05 14:55:44 2005 +0000
+++ b/share/man/man5/security.conf.5    Sat Feb 05 15:26:37 2005 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: security.conf.5,v 1.27 2004/09/28 15:19:02 wiz Exp $
+.\"    $NetBSD: security.conf.5,v 1.28 2005/02/05 15:26:38 jdolecek Exp $
 .\"
 .\" Copyright (c) 1996 Matthew R. Green
 .\" All rights reserved.
@@ -26,7 +26,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd September 28, 2004
+.Dd Febrary 5, 2005
 .Dt SECURITY.CONF 5
 .Os
 .Sh NAME
@@ -190,6 +190,11 @@
 If
 .Sy check_passwd
 is enabled, suppress warnings for these users.
+.It Sy check_passwd_permit_nonalpha
+If
+.Sy check_passwd
+is enabled, do not warn about login names, which use non-alphanumeric
+characters.
 .It Sy check_passwd_permit_star
 If
 .Sy check_passwd