diff options
author | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2010-09-08 09:05:36 -0700 |
---|---|---|
committer | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2010-09-08 09:05:36 -0700 |
commit | 54975c05b4f2f904426fdbf8895e7e4f0c7e7749 (patch) | |
tree | 0e724ad8850d24325365939d14b07f56f74e48da /scripts/system/vyatta_check_username.pl | |
parent | 5efd5f4996b37e271175e8437dd3df9c54c2fb83 (diff) | |
download | vyatta-cfg-quagga-54975c05b4f2f904426fdbf8895e7e4f0c7e7749.tar.gz vyatta-cfg-quagga-54975c05b4f2f904426fdbf8895e7e4f0c7e7749.zip |
Enforce username length restriction
Bug 6131
Diffstat (limited to 'scripts/system/vyatta_check_username.pl')
-rw-r--r-- | scripts/system/vyatta_check_username.pl | 22 |
1 files changed, 14 insertions, 8 deletions
diff --git a/scripts/system/vyatta_check_username.pl b/scripts/system/vyatta_check_username.pl index 778f8976..30917ecb 100644 --- a/scripts/system/vyatta_check_username.pl +++ b/scripts/system/vyatta_check_username.pl @@ -44,20 +44,26 @@ sub finduser { } foreach my $user (@ARGV) { - # enforce recommendation from useradd man page + # enforce recommendations from useradd man page + # Debian, the only constraints are that usernames must neither start - # with a dash (-) nor contain a colon (:) or a whitespace (space: , end + # with a dash (-) nor contain a colon (:) or a whitespace (space: , end # of line: \n, tabulation: \t, etc.). Note that using a slash (/) may # break the default algorithm for the definition of the users home # directory. - die "$user : illegal characters in user name\n" + die "$user : illegal characters in username\n" unless ($user =~ /^\w[^ \t\n\r\v\f:\/]*$/); - # It is usually recommended to only use usernames that begin with a - # lower case letter or an underscore - # followed by lower case letters, digits, underscores, or dashes. - # They can end with a dollar sign. In regular expression terms: - warn "$user : username should only contain lowercase digits and underscore\n" + # Usernames may only be up to 32 characters long. + die "$user: username may only be up to 32 characters long\n" + if (length($user) > 32); + + # It is usually recommended to only use usernames that begin with a + # lower case letter or an underscore followed by lower case letters, + # digits, underscores, or dashes. They can end with a dollar sign. + # In regular expression terms: [a-z_][a-z0-9_-]*[$]? + warn "$user: username contains unusual characters\n" + . " should only contain lower case letters, digits, underscores or dashes\n" unless ($user =~ /^[a-z_][a-z0-9_-]*\$?$/); # User does not exist in system, its okay |