From 6daba1eb14430aa02f8f56614188a598b383c8ef Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Sun, 28 Oct 2018 16:40:33 +0100 Subject: T720: restrict usernames to the format useradd will accept. This reintroduces hagbard's change that has somehow gone missing. --- templates/system/login/user/node.def | 1 + 1 file changed, 1 insertion(+) (limited to 'templates/system') diff --git a/templates/system/login/user/node.def b/templates/system/login/user/node.def index 451cc078..5f83fe54 100644 --- a/templates/system/login/user/node.def +++ b/templates/system/login/user/node.def @@ -3,6 +3,7 @@ type: txt help: User account information syntax:expression: exec "/opt/vyatta/sbin/vyatta_check_username.pl $VAR(@)" +syntax:expression: exec "${vyos_libexec_dir}/validate-value.py --regex \'^[a-zA-Z0-9\-_]{1,100}\' --value \'$VAR(@)\'"; "illegal characters in username or longer than 100 chars" commit:expression: $VAR(@) == "" || $VAR(authentication/plaintext-password) != "" || -- cgit v1.2.3