MAXLOGNAME + /etc/group + chkgrp invalid character @

Chuck Swiger cswiger at mac.com
Wed Nov 9 00:08:48 UTC 2011


On Nov 8, 2011, at 3:47 PM, Dan The Man wrote:
> In the daily cron "Daily run output" email always get the following:
> 
> Verifying group file syntax:
> chkgrp: /etc/group: line 3: '@' invalid character

chkgrp expects group names to consist of characters in isalnum().

> Could we modify system to support email addresses as usernames.

Sure, that's why FreeBSD comes with source code.
You can modify anything you like.  :-)

However, if you want to use a domain-aware login mechanism, Kerberos is in the base system, and SASL and LDAP are available in ports.  You're not going to break anything allowing "@" into the list of characters which pw(8) likes, but the flatfile passwd and group files are not hierarchical the way domain-aware network identity systems are.

A secondary issue is that there is rarely a one-to-one relationship between email addresses and users; many email addresses are aliases which expand either to a different username, or even to multiple users.

> From my testing it works fine, even with "Daily run output" complaining I can still su to user i added in wheel group.
> We'd need to fix ckkgrp source,
> adduser source, and making move to:
> #define MAXLOGNAME 256   in /usr/src/sys/sys/param.h

You can do that also, but I think you'll break compatibility with NIS/YP.

You might not care, but don't be surprised if you find that folks aren't willing to adopt this change back into FreeBSD-- I've seen a few people wanting to increase MAXLOGNAME since 2003 or so.

Regards,
-- 
-Chuck



More information about the freebsd-current mailing list