cfc981df2a
The groupadd from shadow does not allow upper case group names, the same is true for the upstream shadow. But distributions like Debian/Ubuntu/CentOS has their own way to cope with this problem, this patch is picked up from Fedora [1] to relax the usernames restrictions to allow the upper case group names, and the relaxation is POSIX compliant because POSIX indicate that usernames are composed of characters from the portable filename character set [A-Za-z0-9._-]. [1] https://src.fedoraproject.org/rpms/shadow-utils/blob/rawhide/f/shadow-4.8-goodname.patch Signed-off-by: Alexander Kanavin <alex@linutronix.de>
102 lines
2.1 KiB
C
102 lines
2.1 KiB
C
/*
|
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
|
* SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko
|
|
* SPDX-FileCopyrightText: 2005 - 2008, Nicolas François
|
|
*
|
|
* SPDX-License-Identifier: BSD-3-Clause
|
|
*/
|
|
|
|
/*
|
|
* is_valid_user_name(), is_valid_group_name() - check the new user/group
|
|
* name for validity;
|
|
* return values:
|
|
* true - OK
|
|
* false - bad name
|
|
*/
|
|
|
|
#include <config.h>
|
|
|
|
#ident "$Id$"
|
|
|
|
#include <ctype.h>
|
|
#include "defines.h"
|
|
#include "chkname.h"
|
|
|
|
int allow_bad_names = false;
|
|
|
|
static bool is_valid_name (const char *name)
|
|
{
|
|
if (allow_bad_names) {
|
|
return true;
|
|
}
|
|
|
|
/*
|
|
* User/group names must match gnu e-regex:
|
|
* [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
|
|
*
|
|
* as a non-POSIX, extension, allow "$" as the last char for
|
|
* sake of Samba 3.x "add machine script"
|
|
*
|
|
* Also do not allow fully numeric names or just "." or "..".
|
|
*/
|
|
int numeric;
|
|
|
|
if ('\0' == *name ||
|
|
('.' == *name && (('.' == name[1] && '\0' == name[2]) ||
|
|
'\0' == name[1])) ||
|
|
!((*name >= 'a' && *name <= 'z') ||
|
|
(*name >= 'A' && *name <= 'Z') ||
|
|
(*name >= '0' && *name <= '9') ||
|
|
*name == '_' ||
|
|
*name == '.')) {
|
|
return false;
|
|
}
|
|
|
|
numeric = isdigit(*name);
|
|
|
|
while ('\0' != *++name) {
|
|
if (!((*name >= 'a' && *name <= 'z') ||
|
|
(*name >= 'A' && *name <= 'Z') ||
|
|
(*name >= '0' && *name <= '9') ||
|
|
*name == '_' ||
|
|
*name == '.' ||
|
|
*name == '-' ||
|
|
(*name == '$' && name[1] == '\0')
|
|
)) {
|
|
return false;
|
|
}
|
|
numeric &= isdigit(*name);
|
|
}
|
|
|
|
return !numeric;
|
|
}
|
|
|
|
bool is_valid_user_name (const char *name)
|
|
{
|
|
/*
|
|
* User names are limited by whatever utmp can
|
|
* handle.
|
|
*/
|
|
if (strlen (name) > USER_NAME_MAX_LENGTH) {
|
|
return false;
|
|
}
|
|
|
|
return is_valid_name (name);
|
|
}
|
|
|
|
bool is_valid_group_name (const char *name)
|
|
{
|
|
/*
|
|
* Arbitrary limit for group names.
|
|
* HP-UX 10 limits to 16 characters
|
|
*/
|
|
if ( (GROUP_NAME_MAX_LENGTH > 0)
|
|
&& (strlen (name) > GROUP_NAME_MAX_LENGTH)) {
|
|
return false;
|
|
}
|
|
|
|
return is_valid_name (name);
|
|
}
|
|
|