1From ca472d6866e545aaa70a70020e3226f236a8aafc Mon Sep 17 00:00:00 2001 2From: Shan Hai <shan.hai@windriver.com> 3Date: Tue, 13 Sep 2016 13:45:46 +0800 4Subject: [PATCH] shadow: use relaxed usernames 5 6The groupadd from shadow does not allow upper case group names, the 7same is true for the upstream shadow. But distributions like 8Debian/Ubuntu/CentOS has their own way to cope with this problem, 9this patch is picked up from CentOS release 7.0 to relax the usernames 10restrictions to allow the upper case group names, and the relaxation is 11POSIX compliant because POSIX indicate that usernames are composed of 12characters from the portable filename character set [A-Za-z0-9._-]. 13 14Upstream-Status: Pending 15 16Signed-off-by: Shan Hai <shan.hai@windriver.com> 17 18--- 19 libmisc/chkname.c | 30 ++++++++++++++++++------------ 20 man/groupadd.8.xml | 6 ------ 21 man/useradd.8.xml | 8 +------- 22 3 files changed, 19 insertions(+), 25 deletions(-) 23 24diff --git a/libmisc/chkname.c b/libmisc/chkname.c 25index 90f185c..65762b4 100644 26--- a/libmisc/chkname.c 27+++ b/libmisc/chkname.c 28@@ -55,22 +55,28 @@ static bool is_valid_name (const char *name) 29 } 30 31 /* 32- * User/group names must match [a-z_][a-z0-9_-]*[$] 33- */ 34- 35- if (('\0' == *name) || 36- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) { 37+ * User/group names must match gnu e-regex: 38+ * [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]? 39+ * 40+ * as a non-POSIX, extension, allow "$" as the last char for 41+ * sake of Samba 3.x "add machine script" 42+ */ 43+ if ( ('\0' == *name) || 44+ !((*name >= 'a' && *name <= 'z') || 45+ (*name >= 'A' && *name <= 'Z') || 46+ (*name >= '0' && *name <= '9') || 47+ (*name == '_') || (*name == '.') 48+ )) { 49 return false; 50 } 51 52 while ('\0' != *++name) { 53- if (!(( ('a' <= *name) && ('z' >= *name) ) || 54- ( ('0' <= *name) && ('9' >= *name) ) || 55- ('_' == *name) || 56- ('-' == *name) || 57- ('.' == *name) || 58- ( ('$' == *name) && ('\0' == *(name + 1)) ) 59- )) { 60+ if (!( (*name >= 'a' && *name <= 'z') || 61+ (*name >= 'A' && *name <= 'Z') || 62+ (*name >= '0' && *name <= '9') || 63+ (*name == '_') || (*name == '.') || (*name == '-') || 64+ (*name == '$' && *(name + 1) == '\0') 65+ )) { 66 return false; 67 } 68 } 69diff --git a/man/groupadd.8.xml b/man/groupadd.8.xml 70index 1e58f09..d804b61 100644 71--- a/man/groupadd.8.xml 72+++ b/man/groupadd.8.xml 73@@ -272,12 +272,6 @@ 74 75 <refsect1 id='caveats'> 76 <title>CAVEATS</title> 77- <para> 78- Groupnames must start with a lower case letter or an underscore, 79- followed by lower case letters, digits, underscores, or dashes. 80- They can end with a dollar sign. 81- In regular expression terms: [a-z_][a-z0-9_-]*[$]? 82- </para> 83 <para> 84 Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long. 85 </para> 86diff --git a/man/useradd.8.xml b/man/useradd.8.xml 87index a16d730..c0bd777 100644 88--- a/man/useradd.8.xml 89+++ b/man/useradd.8.xml 90@@ -366,7 +366,7 @@ 91 </term> 92 <listitem> 93 <para> 94- Do no create the user's home directory, even if the system 95+ Do not create the user's home directory, even if the system 96 wide setting from <filename>/etc/login.defs</filename> 97 (<option>CREATE_HOME</option>) is set to 98 <replaceable>yes</replaceable>. 99@@ -660,12 +660,6 @@ 100 the user account creation request. 101 </para> 102 103- <para> 104- Usernames must start with a lower case letter or an underscore, 105- followed by lower case letters, digits, underscores, or dashes. 106- They can end with a dollar sign. 107- In regular expression terms: [a-z_][a-z0-9_-]*[$]? 108- </para> 109 <para> 110 Usernames may only be up to 32 characters long. 111 </para> 112