|Summary:||Cannot create users with leading numeric characters|
|Product:||[Retired] Red Hat Linux||Reporter:||Julie Haugh <jfh>|
|Component:||shadow-utils||Assignee:||Eido Inoue <havill>|
|Status:||CLOSED WONTFIX||QA Contact:||David Lawrence <dkl>|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2004-10-13 14:58:25 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
Description Julie Haugh 2002-11-20 19:04:35 UTC
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003 Description of problem: In my original version of Shadow it was possible to create users which had non-alphabetic initial characters for user names. Somewhere prior to the 980403 version this was changed by the then-maintainer, Marek. SVR4, which was the basis for my writing Shadow, permits the initial character to be non-alphabetic. Some OSes complain, Solaris being one which says it will complain if the leading character isn't a letter. The real requirement is that the user name not be a string of digits which could create ambiguity if the user's names was "123" and their UID was 456. useradd and groupadd should scan the entire name to verify that it contains at least one non-numeric character to avoid the ambiguity problem I mentioned earlier. The code which does this is "goodname()" in libmisc/chkname.c. I'm sorry to pester y'all and would have sent this directly to the maintainer, but I haven't a clue anymore who is maintaining Shadow. -- Julie. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1.useradd 123def 2.Observe the error message. 3.Observe that user "123def" was not created. Actual Results: It produced an error message and didn't create the user. Additional info: The manpages for useradd and groupadd should be updated to say that creating users and groups with leading non-alphabetic characters is generally a bad idea and may confuse stupid programs which code parameter processing as if (isdigit (*name)) pw = getpwuid (atoi (name)); else pw = getpwnam (name); Apropos your severity classification -- this used to work, so it's a request to fix what the original maintainer broke.
Comment 1 Eido Inoue 2004-10-13 14:58:25 UTC
this will create all sorts of problems for other applications that expect usernames and do independent validation/parsing. While we now allow dots and mixed case in the newest releases, I think we should generally follow common computer "identifier" principles and insist that the first letter be alphabetic.